nuitari at balthasar
Oct 14, 2002, 9:53 PM
Post #4 of 4
Re: Advice on network config (unix - linux and windows - mac)
On Mon, 14 Oct 2002, David Bourgeois wrote:
> I would like to set up a linux box as gateway - firewall and NAT (maybe
> DHCP too) for a network of SUN workstations, windows (98, XP, 2000) PC's
> and macs.
> I don't care about win and mac's security but would like the SUN
> network to be as secure as possible. As I guess win can be easily
> compromised or in our case, untrusted persons can have access to it so I
> thought of physically separating the unix network from the others by
> using 2 subnets (three network cards on the gateway). So having two
> private networks, I can filter what goes from one to the other with the
> gateway's firewall (iptables in my case).
> Is this the right way to do what I would like? Do you see any problem
> pointing out? Any recommendation would be welcome.
> David Bourgeois
You should have security for the windows/mac on the firewall itself.
If you can, get a mail filter to remove some of the problems with security.
Your idea is sound, but don't forget to treat traffic coming from the
mac/win part as being traffic from the internet (and vice versa).
Also make sure that the physical network is distinct (e.g. 1 network card
for the sun network, 1 for internet, 1 for win/mac).
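
An added example, not part of the original post or thread: a shell function that prints an iptables-restore ruleset for the three-card gateway discussed above, with the win/mac segment treated like the internet from the Sun side. The interface names, the SSH admin rule, the conntrack match and the choice to deny Sun-to-win/mac connections are assumptions made for this sketch.

```shell
#!/bin/sh
# gen_rules WAN_IF SUN_IF PC_IF  (hypothetical helper, added example)
# Prints an iptables-restore ruleset for a gateway with one card per zone.
gen_rules() {
    if [ $# -ne 3 ]; then
        echo "usage: gen_rules WAN_IF SUN_IF PC_IF" >&2
        return 2
    fi
    wan=$1; sun=$2; pc=$3
    # One physical card per zone: refuse a shared interface.
    if [ "$wan" = "$sun" ] || [ "$wan" = "$pc" ] || [ "$sun" = "$pc" ]; then
        echo "error: each zone needs its own interface" >&2
        return 1
    fi
    cat <<EOF
*filter
# Default deny: anything not listed below is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Assumption: the gateway is administered over SSH from the Sun side only.
-A INPUT -i $sun -p tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Both internal segments may open connections to the internet.
-A FORWARD -i $sun -o $wan -j ACCEPT
-A FORWARD -i $pc -o $wan -j ACCEPT
# win/mac is untrusted: log and drop anything it sends toward the Suns.
-A FORWARD -i $pc -o $sun -j LOG --log-prefix "PC->SUN drop: "
-A FORWARD -i $pc -o $sun -j DROP
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# NAT both private networks behind the internet-facing card.
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
EOF
}
```

Load it as root with `gen_rules eth0 eth1 eth2 | iptables-restore`; forwarding also needs `net.ipv4.ip_forward=1`.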