On Wed, Dec 11, 2013 at 09:00:25PM -0800, Jason T. Slack-Moehrle wrote:
Hi All,
So my electricity bill is through the roof and I need to pair down some equipment.
I have a CentOS 6.5 Server (a few TB, 32gb RAM) running some simple web stuff and Zimbra. I have 5 static IP's from Comcast. I am considering giving this server a public IP and plugging it directly into my cable modem. This box can handle everything with room for me to do more.
Doing this would allow me to power down my pfSense box and additional servers by consolidating onto this single box.
I have the firewall on on the server and only allowing the few ports I need.
I dont run ssh on 22
What do you guys think?
You certainly CAN do it that way.
Being paranoid, I'm in favor of having one "box" that does firewall/routing duties without any other apps running, to reduce the exposed "attack surface".
I used to run a Smoothwall GPL box as firewall, but like you, I wanted to do a little something about the power usage. My "solution' was a dedicated consumer router, which used probably (not measured) a tenth of the juice of the old PC that ran Smoothwall. I used dd-wrt on it instead of the original firmware.