8.2. Host Lockdown


This may be obvious, but it needs stating. A firewall is a security device, and as such, needs to be configured as securely as possible. This book is filled with information regarding securing FreeBSD and OpenBSD hosts, so we will not bore you with repetition here.

However, we will offer some advice. If at all possible, make sure that the host performing firewall duties is not supplying other services such as those of a web or DNS server. A firewall is a target on the network, and by minimizing the services running on it, you will have a much better chance of standing up to attack.

As a challenge, one of the authors competed with friends to see who could configure a functional firewall with the fewest running services. At one point in a FreeBSD 4 release, he was able to have a functioning and remotely administrable firewall using only eight processes. While this idea may seem extreme, it serves as an example of how stripped down a BSD-based firewall can be.
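One way to check the advice above on a running host, as an added example that is not from the book: the functions below read `sockstat -4 -6 -l` style output on stdin and report any listening socket whose owning command is not on an allowlist. The allowlist contents and the sample output are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag listeners on a firewall host that are not on an allowlist.
# Input: text in the format printed by FreeBSD `sockstat -4 -6 -l`, on stdin.

# Hypothetical allowlist for a remotely administered firewall (assumption).
ALLOWED="sshd syslogd"

# Print "COMMAND PROTO LOCAL-ADDRESS" once per unexpected listener.
unexpected_listeners() {
    awk -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR == 1 && $1 == "USER" { next }   # skip the column header
        NF < 6 { next }                     # skip blank or malformed lines
        !($2 in ok) {
            key = $2 " " $5 " " $6          # command, protocol, local address
            if (!seen[key]++) print key     # several PIDs may share one socket
        }
    '
}

# Return 0 when only allowlisted commands are listening, 1 otherwise.
audit_listeners() {
    found=$(unexpected_listeners)
    if [ -n "$found" ]; then
        printf '%s\n' "$found" | sed 's/^/unexpected listener: /' >&2
        return 1
    fi
    return 0
}

# Constructed sample output (not captured from a real host).
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       612   3  tcp4   *:22                  *:*
root     syslogd    480   6  udp4   *:514                 *:*
www      httpd      901   4  tcp4   *:80                  *:*
www      httpd      902   4  tcp4   *:80                  *:*
bind     named      755   20 udp4   192.0.2.1:53          *:*
bind     named      755   21 tcp4   192.0.2.1:53          *:*
EOF
}
```

On the firewall itself, `sockstat -4 -6 -l | audit_listeners` performs the same check against live sockets; with the sample above it reports the web and DNS server listeners.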




    Mastering FreeBSD and OpenBSD Security
    ISBN: 596006268