Re: Firewall and email/file servers on same machine?

From: James Knott (james.knott_at_rogers.com)
Date: 01/15/05

  • Next message: van_at_dedserius.com: "NOQUEUE: POSSIBLE ATTACK from remotehost: newline in string "some_random_string\r ""
    Date: Sat, 15 Jan 2005 08:12:28 -0500
    
    

    markp wrote:

    > Is it better from a security point of view to have physically separate
    > machines for the firewall and servers, or can these be in the same
    > physical machine without compromising security? I've heard that physically
    > separating them is good practice, but is there a genuine security reason
    > or is this just a maintenance issue?

    Firewalls should not be running anything not related to the firewall
    funtion. The more you install or run, the greater the possibility of a
    security risk. Ideally, you'd even forward vpn and ssh access to another
    box, rather than allow it on the firewall.


  • Next message: van_at_dedserius.com: "NOQUEUE: POSSIBLE ATTACK from remotehost: newline in string "some_random_string\r ""