From owner-freebsd-questions  Tue Apr 23  0:20:15 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from homemail.bjt.net (mailhub1.bjt.net [209.237.6.254])
	by hub.freebsd.org (Postfix) with ESMTP id 65CB537B404
	for <questions@freebsd.org>; Tue, 23 Apr 2002 00:20:10 -0700 (PDT)
Received: from foo.fake.primenet.com [209.237.31.190] by homemail.bjt.net with ESMTP
  (SMTPD32-7.06) id A97A23A006C; Tue, 23 Apr 2002 00:12:58 -0700
Received: from baz.fake.primenet.com (baz [10.0.0.3])
	by foo.fake.primenet.com (8.9.3/8.8.8) with ESMTP id AAA08032;
	Tue, 23 Apr 2002 00:20:03 -0700 (PDT)
	(envelope-from bko@idiom.com)
Received: from baz.fake.primenet.com (localhost [127.0.0.1])
	by baz.fake.primenet.com (8.12.2/8.12.2) with ESMTP id g3N7K00q063916;
	Tue, 23 Apr 2002 00:20:04 -0700 (PDT)
	(envelope-from bkogawa@baz.fake.primenet.com)
Received: (from bkogawa@localhost)
	by baz.fake.primenet.com (8.12.2/8.12.2/Submit) id g3N7Jq74063905;
	Tue, 23 Apr 2002 00:19:52 -0700 (PDT)
From: "Bryan K. Ogawa" <bko@idiom.com>
Message-Id: <200204230719.g3N7Jq74063905@baz.fake.primenet.com>
To: Chris Hill <chris@monochrome.org>, questions@freebsd.org
Subject: Re: Are you sure?
In-Reply-To: <Pine.BSF.3.96.1020419032809.2103C-100000@localhost>
References: <10192023110652990000> <Pine.BSF.3.96.1020419032809.2103C-100000@localhost>
Date: Tue, 23 Apr 2002 00:19:52 -0700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

In localhost.freebsd.questions, you wrote:
> On Fri, 19 Apr 2002, Sunny Dale wrote:
>> Chris Hill wrote:
>> >On Fri, 19 Apr 2002, Mark Filipak wrote:

>> >>One more thing about my quest for the perfect gateway + firewall + www
>> >>server + mail + LAN server: GallantWEB has browser configurability --
>> >>that is, you create accounts and even apply patches through the
>> >>browser's (http) interface. Does plain-vanilla FBSD have such a
>> >>facility? 
>> >>
>> >
>> >There is a thing called WebMin which I *think* has this functionality; 
>> >never used it myself.
> 
>> is that really a good idea to install webmin on a firewall?
> 
> Maybe not, I don't know. As I said, I've never used it. I only mentioned

I don't know either.  If I were to do this, one thing I would strongly
consider doing would be binding the httpd that served webmin ONLY to
the internal interface.  Then, someone would have to break in from the
inside side of the firewall to break webmin.  Definitely not the only
thing I'd do, but something.

This is something those cheap NAT routers do, and it makes a lot of
sense.

-- 
bryan k ogawa  <bko@idiom.com>   http://www.idiom.com/~bko/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message