NAT w/o firewall?
Cole Tuininga
colet at code-energy.com
Tue Dec 7 13:35:01 EST 2004
I can't speak for anybody else, but for me that's the majority of how I
do my setup. The only port open on my NAT box is ssh and since I have
that locked down pretty well on the application side, I don't firewall
it out (though I probably should).
Beyond keeping your kernel up to date for exploits, unless you're doing
something like reverse NAT'ing particular ports to an internal machine
or something, I don't see a whole lot of reason for more firewall rules
unless you want to logging for an [NH]IDS or something.
--
Computers are like air conditioners:
They stop working properly when you open windows.
Cole Tuininga
Lead Developer
Code Energy, Inc
colet at code-energy.com
PGP Key ID: 0x43E5755D
More information about the gnhlug-discuss
mailing list