[TriLUG] Ideas about centralized management iptables via SNMP traps
Chris Hedemark
chris at yonderway.com
Tue Mar 19 14:54:21 EST 2002
No thanks. Sounds too easily exploitable. The firewall box should be very
paranoid about using external data sources to decide on whether to permit
or deny traffic.

BTW - How many firewalls do you need anyway? One firewall box can handle
quite a few fast ethernet connections, and T1's are a piece of cake. I'm
trying to understand your problem better and I'm wondering if the site
really is so large to need so many firewalls or will just one really well
configured firewall fit the bill?

> Looking to get/build a centralized management system for iptables
> firewalls. The very basic idea is to generate SNMP traps and feed them
> to a database. The database could be used to manage iptables rules,
> detect abnormal behavior, give snapshot status of firewalls.
>
> Any pointers to software or projects that can do this would be greatly
> appreciated.
> --
> Glen Ford
> gford at idiom.com