On Thu, May 21, 2009 at 6:53 PM, <obiozorok...@yahoo.com> wrote: > Well I'm certainly no expert in all this and I'm happy to be corrected > before > I make any more mistakes with my configuration. Man am I glad I put this > post > out because I'm getting such great feedback! > > I'll have to re-think this but I > honestly thought (I guess I'm wrong) that if I my first OpenBSD VM image > running on ESXi as my strong firewall I would be ok. Basically its just a > virtualization of my physical environment but all on one box with 3 VM > images. > So my idea was to have second OpenBSD image (not the firewall OpenBSD > image) > running with Samba as my Domain Controller and File server, and Email > server > and then the third Windows VM running just the custom app. I figured that > as > long as all the 'Net traffic hit my first OpenBSD VM and was properly > filtered > and controlled by pf, spam greylisting, brute force checked, etc I would be > ok? No?
Certainly the hardware chosen isnt anywhere NEAR potent enough,... and u're leaving ure whole configuration open for attack via the ESXi sub layer. Why not just port the custom app to OpenBSD and run the configuration natively on the hardware?
