Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 20th August 2013
frcc frcc is offline
Don't Worry Be Happy!
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, tornado,puts the fear of God in you-Texas
Posts: 131
Default ifconfig and ssh question

We have an internet server on an openbsd box (ver 5.3)
receiving traffic on port 80 from the wan to various virtual hosts.

traffic is directed to this machine via an off the shelf router.
(only because i have not completely figured how to write the
pf redirection code)

The internal internet server only serves port 80 traffic unless it is
generated statefully outbound from itself.
I have set up a pf.conf file filtering traffic on this server.

I currently ssh into this box via fxp0 along with internet traffic.
PF is set to only allow ssh traffic from lan and is configured with
antispoof entries.

All our servers have many nic cards.
Would if help security to ssh into this box using fxp1 instead of fxp0
i.e. physically seperating WAN internet and ssh traffic.
adding entries into pf.conf as necessary. ?????

.AND. if so
What would be the diff in doing that with using an alias on fxp0 ??????

thankyou in advance.....
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ifconfig athn0 marconi OpenBSD General 6 25th March 2012 02:39 PM
PF - ifconfig problem ripp3r OpenBSD Security 5 12th December 2010 04:10 PM
need some basic help on ifconfig daemon-dd FreeBSD General 4 29th July 2008 03:21 PM
FreeBSD's Ifconfig for WEP tz24 FreeBSD General 15 13th June 2008 02:17 AM
ifconfig problem ichigo OpenBSD General 3 20th May 2008 10:59 PM

All times are GMT. The time now is 06:46 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick