Re: one way firewall?

From: Jason Ish <ish_at_no.spam.please>
Date: Tue Aug 21 2007 - 11:41:22 CST

On Tue, Aug 21, 2007 at 11:30:59AM -0600, Gordon J. Holtslander wrote:
> I have little experience with firewalls.
>
> Is it possible to set up a one-way firewall where data can be moved from a
> windows 2000 computer to a second system - a data host. (OS is relatively
> unimportant - but likely linux), but data can't be moved from the data host
> back to the windows 2000 system?

Yes, this should be doable and be secure enough.

Set up your Linux box how you would like and add another network card.
Connect your Win2k box to this network and configure IP networking so
they can talk to each other - pick some subnet not being used anywhere
else.

On the Linux box do NOT enable forwarding. You can then set up some
iptables rules to only allow connections initiated from the Win2k box
to pass (you'll need stateful filtering/connection tracking). Make
sure to deny all traffic from the Linux box to the Win2k box.

So, yes it is possible to get what you desire, it's just a matter of
getting iptables rules right.

-- Jason
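The recipe in the reply above, written out as an added example (this script is not from the thread or from either poster). It assumes constructed values: eth1 is the interface facing the Win2k box, 10.99.0.0/24 is the otherwise unused subnet, the Linux data host is 10.99.0.1, the Win2k box is 10.99.0.2, and the data is pushed over SSH/SFTP (22) and SMB (445); all of these can be overridden through the environment. The script emits the iptables commands rather than applying them, so it can be reviewed (or audited with the included check) before being run as root with the `apply` argument.

```sh
#!/bin/sh
# Added example: one-way filter on the Linux data host, following the reply's
# recipe: no forwarding, stateful rules that only pass connections the Win2k
# box initiates, and an explicit deny for anything the Linux box starts.
# Constructed defaults (assumptions, not values from the thread):
IFACE="${IFACE:-eth1}"          # NIC on the dedicated Win2k <-> Linux link
WIN_IP="${WIN_IP:-10.99.0.2}"   # the Win2k box
LINUX_IP="${LINUX_IP:-10.99.0.1}"  # this host on that link
PORTS="${PORTS:-22 445}"        # services the Win2k box may push data to
IPT="${IPT:-iptables}"

r() { echo "$IPT $*"; }   # emit one rule line; nothing is applied here

# Emit the complete ruleset, one command per line.
one_way_rules() {
    # The Linux box is an endpoint, never a router: do not relay packets.
    echo "sysctl -w net.ipv4.ip_forward=0"
    r -P FORWARD DROP
    # Default deny on the host's own chains, then drop any old rules.
    r -P INPUT DROP
    r -P OUTPUT DROP
    r -F
    r -A INPUT -i lo -j ACCEPT
    r -A OUTPUT -o lo -j ACCEPT
    # Win2k -> Linux: new connections only to the push services ...
    for p in $PORTS; do
        r -A INPUT -i "$IFACE" -s "$WIN_IP" -d "$LINUX_IP" -p tcp --dport "$p" \
          -m conntrack --ctstate NEW -j ACCEPT
    done
    # ... plus the later packets of connections the Win2k box opened.
    r -A INPUT -i "$IFACE" -s "$WIN_IP" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Linux -> Win2k: only replies inside Win2k-initiated connections, never NEW.
    r -A OUTPUT -o "$IFACE" -d "$WIN_IP" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Log, then drop, any attempt by this host to initiate toward the Win2k box;
    # a hit on this rule's counter is the signal that something tried.
    r -A OUTPUT -o "$IFACE" -d "$WIN_IP" -j LOG --log-prefix "ONEWAY-VIOLATION "
    r -A OUTPUT -o "$IFACE" -d "$WIN_IP" -j DROP
}

# Apply the ruleset on the Linux host (needs root).
apply_one_way_rules() { one_way_rules | sh -e; }

# Audit rule lines read from stdin (this script's output or iptables-save
# "-A OUTPUT ..." lines): fail if any OUTPUT rule ACCEPTs traffic that is not
# restricted to the ESTABLISHED,RELATED state, i.e. that would let this host
# open a connection toward the Win2k box. Loopback is exempt.
audit_rules() {
    bad=0
    while IFS= read -r line; do
        case "$line" in
            *"-A OUTPUT "*"-j ACCEPT"*)
                case "$line" in
                    *"-o lo "*) ;;
                    *"--ctstate ESTABLISHED,RELATED -j ACCEPT"*) ;;
                    *"--state ESTABLISHED,RELATED -j ACCEPT"*) ;;
                    *) echo "violation: $line" >&2; bad=1 ;;
                esac ;;
        esac
    done
    return $bad
}

case "${1:-print}" in
    apply) apply_one_way_rules ;;
    audit) audit_rules ;;
    print) one_way_rules ;;
esac
```

Run it with no argument to review the rules, `sh oneway.sh apply` as root to load them, and `iptables-save | sh oneway.sh audit` afterwards (or after any later change) to confirm no OUTPUT rule toward the Win2k box accepts new connections. Note what this design does and does not give you: it stops the Linux host from initiating anything toward the Win2k box, but bytes still flow back inside a connection the Win2k box opened (an SFTP session is bidirectional), so "one-way" here means one-way at the connection level, not a data diode.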
Received on Tue Aug 21 11:41:46 2007

This archive was generated by hypermail 2.1.8 : Tue Aug 21 2007 - 11:41:49 CST