[Shorewall-users] Advice needed

Tom Eastep shorewall-users at lists.shorewall.net
Mon Dec 8 15:24:48 PST 2003


On Monday 08 December 2003 03:19 pm, Carlos Cajina - Hotmail wrote:
> Thanks A LOT for the quick answer Tom... What I'll try to do then is
> (physically) place the firewall between the switches and the router and set
> up Shorewall as in the two-interface example. I'll use currently active the
> subnet for the internal interface and the other for the external interface.

If your local subnet(s) use(s) public IP addresses then you probably want to 
start with the Shorewall Setup Guide 
(http://www.shorewall.net/shorewall_setup_guide.htm).
 
>
> Just out of curiosity: What do you mean by "security by obscurity"? What
> would be Shorewall's behavior in a situation like the one a previously
> described?
>

It is security by obscurity because from any local system where the user has 
administrative privileges, the "firewall" can be bypassed. 

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list