I am about to install a RedHat 8.0 box with iptables to act as our firewall for our internal network that consists of 20 machines.
Besides doing a -j drop on our external interface when receives a packet with source equal to our internal network, what other measures we have to take? We do host an SMTP server but nothing else. I have read about blocking 10.x.x.x addresses but also read that "some" routers/sites use those addresses. Any anti-DoS rules? More settings? Or maybe a link to a site that offers suggestion for proper firewall configurations.... Thanks in advance, Erick.
