johand

Internet security question

I'm busy setting up a simple proxy server on my network as follows: the Linux server has two network cards, one with a real IP address connected to the internet, the other with my 10.1... address on my internal network. I'm running squid on this machine to enable my users to surf the web. My question is: How safe are my internal users from attacks from the internet? Is it necessary for me to install firewalling software as well? There is obviously no route between the two NICs except if someone could telnet into the box... A well-documented (referenced) answer will receive the points :)
Johan
helver

In that setup, the proxy machine would be the target of attacks.  As you say, if your proxy is compromised, that opens your entire local network to attack.  So long as your proxy is secure, no one will be able to initiate connections into your local network.

In order to properly lock down your proxy server, however, you'll probably end up using firewall-type restrictions anyway.  It might make more sense to give your local network more access to the internet using masquerading, and go ahead and call your proxy server a firewall.
johand

ASKER

"It might make more sense to give your local network more access to the internet using masquerading, and go ahead and call your proxy server a firewall." If you suggest this as a better option, could you be more specific as to how to go about it, where to find information, what packages to use, etc.?

For the current version of RedHat, at least, the ipchains package will allow you to set up IP Masquerading as well as forwarding and firewalling rules.
ASKER CERTIFIED SOLUTION
xpash

This solution is only available to members.
ipfwadm is the old way to do it...  *shrug*  ipchains is the currently accepted way...