> network to watch things, the idea arose to put a second NIC in the box to
> put in our DMZ (*Sort of like dual homing the machine, but without any
> protocols bound to it*).
>
> Now, being the security "cop" this rose several red flags for me while my
> mind was screaming out "no way in hell!" but I couldn't come up with one
> solid reason as to why not, so they want to go ahead with it.
>
> What I'm looking for from some of you more knowledgeable gurus is a
> reason not to let this happen, or reassurances from you as to why this isn't
> a problem, as my synapses are all screaming at me like spider man!!!
if you snip the tx lead so that the machine can't send data, period, then this
should be fine -- however, i wouldn't have the machine bridge to another
network, even with the lead snipped, use the serial port to manage me machine,
then there is no risk of packets being leaked.
-- craig
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
