[K12OSN] Security

Les Mikesell les at futuresource.com
Mon Nov 28 19:42:37 UTC 2005

On Mon, 2005-11-28 at 13:29, Brad Thomas wrote:
> So basically I will have to look for a hardware solution for that type 
> of setup?  Is there not anything on the server itself that I would be 
> able to configure to only allow http requests to go out of it?

You probably already have the hardware solution in place.  The trick
is to get the k12ltsp server connected to the other side of it - that
is, so you are not directly on the internal LAN but instead connect
on the internet side of your existing firewall.  It is possible to
configure iptables on the k12ltsp server to limit outbound connections
but that's the wrong place to do it and there may be internal web
servers that should not be accessible.  If you do go that route you
should probably block all other internal addresses except your
default gateway.

  Les Mikesell
    les at futuresource.com

More information about the K12OSN mailing list