linux-admin.vger.kernel.org archive mirror
* linux as bridge firewall
@ 2003-06-12 14:20 cuenta de RH
  2003-06-12 15:18 ` Jamie Harris
  2003-06-13  1:38 ` Stephen Samuel
  0 siblings, 2 replies; 3+ messages in thread
From: cuenta de RH @ 2003-06-12 14:20 UTC (permalink / raw)
  To: linux-admin

Hi list!!! Does anyone know what happens with the services in Linux when it acts as a bridge firewall (xinetd, sendmail, sshd, etc.)? Since it has no IPs, can I deactivate them?

thanks in advance.

Nacho 


* Re: linux as bridge firewall
  2003-06-12 14:20 linux as bridge firewall cuenta de RH
@ 2003-06-12 15:18 ` Jamie Harris
  2003-06-13  1:38 ` Stephen Samuel
  1 sibling, 0 replies; 3+ messages in thread
From: Jamie Harris @ 2003-06-12 15:18 UTC (permalink / raw)
  To: linux; +Cc: linux-admin

> Hi list!!! Does anyone know what happens with the services in Linux when it
> acts as a bridge firewall (xinetd, sendmail, sshd, etc.)? Since it has no IPs,
> can I deactivate them?

Your Linux box can/will still have an IP address, it will just also repeat
all traffic on its interfaces.  Or at least that's my understanding.

cheers

Jamie...

-- 
**  This message was transmitted on 100% recycled electrons **



* Re: linux as bridge firewall
  2003-06-12 14:20 linux as bridge firewall cuenta de RH
  2003-06-12 15:18 ` Jamie Harris
@ 2003-06-13  1:38 ` Stephen Samuel
  1 sibling, 0 replies; 3+ messages in thread
From: Stephen Samuel @ 2003-06-13  1:38 UTC (permalink / raw)
  To: linux; +Cc: linux-admin

cuenta de RH wrote:
> Hi list!!! Does anyone know what happens with the services in Linux when it
> acts as a bridge firewall (xinetd, sendmail, sshd, etc.)? Since it has no IPs,
> can I deactivate them?

I'd go as far as to say you 'should' deactivate (unless you have
a good reason not to).


If your machine is just a bridge, and you're not setting an IP
address for any of its interfaces, then there should be no packets
that the machine ever sees directed at it (unless someone manages
to do something like send a packet with a 127.0.0.1 address --
which your firewall should be rejecting as bogus).

The reason why is that -- each service has the possibility of
being exploited. If you manage to accidentally assign an IP
address to one of the interfaces, then you don't want those
services exposed to the world.

-- 
Stephen Samuel +1(604)876-0426                samuel@bcgreen.com
		   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.
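
The check this reply argues for, as an added example that is not part of the original thread: list every non-loopback address on the host and every service listening off loopback, and report whether the services are exposed now or only one accidental address assignment away from it. The function names and sample data are constructed for illustration; the input is assumed to be the output of `ip -o addr show` and `ss -H -tuln`.

```shell
#!/bin/sh
# Constructed sample: a bridge host where br0 was given an address by mistake.
SAMPLE_IP='1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet6 ::1/128 scope host
4: br0    inet 192.0.2.10/24 brd 192.0.2.255 scope global br0'

# Constructed sample: sshd on all addresses, sendmail on loopback only.
SAMPLE_SS='tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 10 127.0.0.1:25 0.0.0.0:*
tcp LISTEN 0 128 [::]:22 [::]:*
udp UNCONN 0 0 [::1]:323 [::]:*'

# Non-loopback addresses as "iface addr/prefix". Link-local IPv6 (fe80::/10)
# is reported too: the kernel can assign it without any administrator action.
assigned_addrs() {
    awk '($3 == "inet" || $3 == "inet6") && $4 !~ /^127\./ && $4 != "::1/128" { print $2, $4 }'
}

# Local address:port of every listener not bound to loopback only.
# The local address is the second-to-last column (ss run without -p).
exposed_listeners() {
    awk 'NF >= 5 { l = $(NF-1); if (l !~ /^127\./ && l !~ /^\[::1\]/) print l }'
}

# Exit status: 0 = nothing listening off loopback,
#              1 = listeners present but no address assigned (latent risk),
#              2 = listeners present and an address is assigned (exposed).
audit_bridge() {  # $1 = ip output, $2 = ss output
    addrs=$(printf '%s\n' "$1" | assigned_addrs)
    socks=$(printf '%s\n' "$2" | exposed_listeners)
    if [ -z "$socks" ]; then
        return 0
    fi
    if [ -n "$addrs" ]; then
        printf 'EXPOSED via %s:\n%s\n' "$(echo "$addrs" | tr '\n' ' ')" "$socks"
        return 2
    fi
    printf 'LATENT (no address assigned yet):\n%s\n' "$socks"
    return 1
}

# On a live host: audit_bridge "$(ip -o addr show)" "$(ss -H -tuln)"
audit_bridge "$SAMPLE_IP" "$SAMPLE_SS" || true
```

A status of 1 is the case the reply warns about: nothing is reachable yet, but the listeners are still there if an address ever gets assigned.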

