On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote: > I have a client that have an exchange server inside the LAN and he wants to > access the web interface from the world. I thought I'll put a transparent > proxy server on the DMZ. apt-cache search proxy gave a few options but > except squid (which is a little overkill for this) I don't know any of them > (especially in terms of security) and I'm looking for recommendations.
Um, do I understand correctly that you want to allow access from the internet to a machine in your client's LAN? In that case, squid is indeed the wrong solution. Maybe have a look at sslwrap+redir, or stunnel, which can run on any machine in your DMZ and forward incoming connections to the internal machine, adding SSL encryption to make it more secure. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯
