[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cfservd access through firewall - dangerous ?
|
From: |
Richard Arends |
|
Subject: |
Re: Cfservd access through firewall - dangerous ? |
|
Date: |
Mon, 29 Apr 2002 12:22:52 +0200 (CEST) |
On 29 Apr 2002, Adrian Phillips wrote:
> Thanks. Actually this part is relatively easy to do. We can forward a
> port on the firewall to an internal machine without any problems, its
> the question of how secure it can be in terms of what cfservd allows
> and disallows that conerns me most.
This works, but is it safe??? It still can be possible to spoof one of the
ip's. Therefor i would lock it down with IPSEC, or (and?) hardcode the
mac-addresses in the arp tabel, or even if youre firewall supports it
(iptables), put it in there...
Greetings,
Richard.
----
An OS is like swiss cheese, the bigger it is, the more holes you get!
Re: Cfservd access through firewall - dangerous ?, Adrian Phillips, 2002/04/29
Re: Cfservd access through firewall - dangerous ?, Mark . Burgess, 2002/04/29