additional firewall measures
hello all... i'm seeking a little advice with my firewall. currently, it's a pretty basic setup. two nics, one connected to my cable, the other to my internal network. i use IP masqing to forward client requests to the internet.
i've closed down all ports that i believe to be unused, and only leave 80, 25, 110, 22, and 23 open.
now, i've heard about others who've setup their firewalls so all their binaries are NFS mounted, meaning a hacker would not be able to do much if he/she gained access to my firewall. so my question is, how do i go about setting something like that up? which binaries are the most critical to move, and which should i leave for system functionality, etc.
any and all help is appreciated! :-)
|