hello... I'm posting for a friend -- thanks
Hello fellow OpenBSD'ers:
Here goes:
What is special about a gateway machine? And if a box is not being set up as a gateway, what is a good typical setting?
I am having big time security problems and I want to set up one OpenBSD machine with multiple NIC cards as well as a few other little things. Most of the stuff I understand, but I am definitely not an IP/TCP person.
Can someone suggest a good book on setting up routers, NIC cards, etc. with OpenBSD? I have someone writing a firewall script now. (Is this re-read each time inetd starts? WHEN is it read?)
Anything wrong with doing my own termination and restart of inetd mechanically, every few seconds? (As in five seconds.) My idea is to limit the duration of access to an intruder. (This is not all I intend.)
So question #1: Can I terminate and restart inetd many times an hour without adversely affecting the other sub-systems in OpenBSD? What is the best way to accomplish this? -- I know how to start/stop inetd, I want to know what the likely side-effects are. I am willing to accept missed packets and generally missed messages.
Question #2: Are firewall scripts re-read each time inetd starts? When are such scripts read? I ask because I intend to mechanically rewrite the scripts dynamically, using learning techniques.
Question #3: What is a gateway machine?
Question #4: If I decline the inetd service when I build the system, what is the best way to start (and stop) the services individually?
And last: Are scripts like sshd.conf read at ssh startup? I understand that computing key factors isn't instant. I have a different approach.