public IPs on DMZ

From: phraxmimmo@bunker.frogspace.net
Date: 02/21/02


Date: Thu, 21 Feb 2002 01:40:42 -0800 (PST)
From: phraxmimmo@bunker.frogspace.net
To: security-discuss@linuxsecurity.com

Hi all.

I'm setting up a 3-NIC firewall, and I need to put a couple of public IPs
on the DMZ branch.

Since I'm not allowed (for the moment) to specify static ACLs on the
router, I was considering several options like setting up virtual NICs and
using bouncer or similar tricks...

But I came across Greg Mader's doc, which suggests a nice solution:
setting up the firewall to answer calls for the MAC address of the public
Web server on the DMZ, so:

    /sbin/arp -s PUB.IP.x.y 00:pub:ip:MAC:addr pub

Any security-related issues with that?
Any other safe solution to suggest?

Thanks in advance
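
Added example, not part of the original post or of the document it cites: a firewall that publishes ARP entries answers for those IPs on the wire, so one useful check is to audit the published entries against the list you intended. The sketch parses text in the /proc/net/arp layout; the sample table, addresses, interface names and allowlist are constructed for illustration.

```python
# Added example: audit published (proxy) ARP entries against an allowlist.
ATF_PUBL = 0x08  # "published" flag bit, as defined in <linux/if_arp.h>

# Constructed sample in /proc/net/arp layout (documentation IPs, made-up MACs).
SAMPLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.0.2.1        0x1         0x2         00:00:5e:00:53:01     *        eth0
192.0.2.10       0x1         0xc         00:00:5e:00:53:10     *        eth0
192.0.2.99       0x1         0xc         00:00:5e:00:53:99     *        eth0
192.0.2.30       0x1         0xc         00:00:5e:00:53:30     *        eth2
10.0.0.5         0x1         0x6         00:00:5e:00:53:05     *        eth2
"""

# Constructed allowlist: public IP -> interface it should be published on.
ALLOWED = {"192.0.2.10": "eth0", "192.0.2.20": "eth0", "192.0.2.30": "eth0"}

def parse_arp_table(text):
    """Parse /proc/net/arp-style text (first line is the header) into dicts."""
    entries = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed lines
        ip, _hwtype, flags, mac, _mask, dev = fields
        entries.append({"ip": ip, "flags": int(flags, 16), "mac": mac, "dev": dev})
    return entries

def audit_published(entries, allowed):
    """Return (ip, dev, reason) for every mismatch between table and allowlist."""
    findings, seen = [], set()
    for e in entries:
        if not e["flags"] & ATF_PUBL:
            continue  # ordinary learned or static entry, not proxied
        seen.add(e["ip"])
        if e["ip"] not in allowed:
            findings.append((e["ip"], e["dev"], "unexpected published entry"))
        elif allowed[e["ip"]] != e["dev"]:
            findings.append((e["ip"], e["dev"], "published on wrong interface"))
    for ip in sorted(set(allowed) - seen):
        findings.append((ip, allowed[ip], "expected published entry missing"))
    return findings

if __name__ == "__main__":
    for ip, dev, reason in audit_published(parse_arp_table(SAMPLE), ALLOWED):
        print(f"{ip:15} {dev:6} {reason}")
```

On a live firewall the same functions can be fed the contents of /proc/net/arp instead of SAMPLE.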
