Re: secure topologies - smtp/dns/whois/....

2003-03-23 Thread Lupe Christoph
On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote: > Would you share your opinions on the following setup for daemons? > firewall runs > whois server - gwhois or jwhois? No services on the firewall. Put that on a machine in the DMZ. > iptables - firewall ... because it

Re: secure topologies - smtp/dns/whois/....

2003-03-23 Thread Lupe Christoph
On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote: > Would you share your opinions on the following setup for daemons? > firewall runs > whois server - gwhois or jwhois? No services on the firewall. Put that on a machine in the DMZ. > iptables - firewall ... because it

Re: secure topologies - smtp/dns/whois/....

2003-03-22 Thread Alvin Oga
hi ya gazillion different solutions for "secure topologies" that depends on time, and machines available, skillset and what you're protecting against c ya alvin -- you need backups ... :-) -- disallow insecure services even behind the firewall ( telnet, ftp, pop3/imap, dhcp, wirel

Re: secure topologies - smtp/dns/whois/....

2003-03-22 Thread Alvin Oga
hi ya gazillion different solutions for "secure topologies" that depends on time, and machines available, skillset and what you're protecting against c ya alvin -- you need backups ... :-) -- disallow insecure services even behind the firewall ( telnet, ftp, pop3/imap, dhcp, wirel

Re: secure topologies - smtp/dns/whois/....

2003-03-22 Thread David B Harris
On Sat Mar 22, 12:01pm -0600, Hanasaki JiJi wrote: > firewall runs > whois server - gwhois or jwhois? No comment, I don't run any WHOIS servers. > iptables - firewall iptables is fine, if you set it up properly. > bind9 - for external dns > Also fine, if you se

secure topologies - smtp/dns/whois/....

2003-03-22 Thread Hanasaki JiJi
Would you share your opinions on the following setup for daemons? firewall runs whois server - gwhois or jwhois? iptables - firewall forwards-to/NAT-from internal smtp server NAT outgoing DNS for internal bind9 server bind9 - for extern

Re: secure topologies - smtp/dns/whois/....

2003-03-22 Thread David B Harris
On Sat Mar 22, 12:01pm -0600, Hanasaki JiJi wrote: > firewall runs > whois server - gwhois or jwhois? No comment, I don't run any WHOIS servers. > iptables - firewall iptables is fine, if you set it up properly. > bind9 - for external dns > Also fine, if you se

secure topologies - smtp/dns/whois/....

2003-03-22 Thread Hanasaki JiJi
Would you share your opinions on the following setup for daemons? firewall runs whois server - gwhois or jwhois? iptables - firewall forwards-to/NAT-from internal smtp server NAT outgoing DNS for internal bind9 server bind9 - for external dns