[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] [K12Ltsp] k12ltsp server as an internet firewall /access point



On Mon, 18 Feb 2002, Bruce Huddleson wrote:

>On Fri, 2002-02-15 at 01:47, Julius Szelagiewicz wrote:
> > Dear Folks,
> > 	one of my expensive firewall / vpn / everything applaiances got
> > fried. i am not thrilled with spending money on a new one. i was thinking
> > of putting a k12ltsp server in its place. any advice on config? (firewall
>[snip]
>LTSP is a very open design - it really expects that the people on it are
>a trusted community. Don't even think of connecting an LTSP setup to all
>those nasty people on the internet without a firewall. To me, that means
>a dedicated box - which could be a cheap PC running one of the
>Linux-based firewall packages.
>
>John

It all depends on how paranoid you are. The default configuration of K12LTSP
expects two nics, one that is "open" to the internal network where the
terminals are and one that is firewalled off by default (permitting only
DHCP & SSH).

So in short, K12LTSP (with the default config) is firewalled from the big-bad
world. But, as an earlier poster pointed out, "defense in depth" is required
for a truely "secure" configuration. Where one firewall is good two is better.

-Eric





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]