Using Linodes as proxies for each other?

presales

I'd like to use one Linode as a proxy server for another. I'm planning to have a "private" server A, accessible only to me and running only some utility stuff, and a "public" server B, accessible to a whole bunch of people, including some with admin privileges whom I don't fully trust. I'd like all of B's Internet traffic to be sent through A, so that I can do stuff like preventing it from sending email. Of course, it might suffice simply to block certain ports, which might be more possible but also would be less flexible. What think ye?

5 Replies

forum:Vance 14 years, 11 months ago

If they have root access on B, there's no way to force their network traffic to go through A. If they don't have root access on B, then you can control network traffic using B's firewall. So while there might be practical advantages to doing things as you propose, I don't see any security advantages.

forum:Guspaz 14 years, 11 months ago

Actually, you CAN force them. If one of the VPS only has a private IP address bound, then the only way they can access that machine is from another VPS on your account.

Why can't they get around this? Because the only way to get from that machine to the net (other than through the other VPS) would be to add the public IP and reboot. But since they have no way of knowing the public IP (there are a rather large number of possibilities), there's nothing that they can do about it.