One wants a firewall to
1. not require logging into the firewall computer itself (TIS requires
this)
2. not require putting new (1 line changed then recompiled) ftp,
telnet, ... on the computers behind the firewall (SOCKS4 may require
this, I forget)
The first causes the user a lot of work, the second causes the
administrator a lot of work.
I understand any reasonable commercial firewall does both 1 and 2.
TIS informed me personally that 1. is inherent in their software, but
they sell gauntlet without this problem. Of course, neither you nor I
wants to pay for a firewall.
I'm unsure what the new SOCKS (SOCKS5 I believe) does, but it has many
improvements. I have also seen alpha level firewalls, one being
developed by, I believe, a group of banks in Switzerland.
These firewall approaches provide more secure proxy servers.
The kernel itself provides IP-filtering approaches if compiled with
"firewall". You tell the kernel which addresses to allow and which to
deny. There was a nice command that does this (I forget its name).
Hopefully enough people want a proxy firewall that the free community
will develop one that is not burdensome.
______________________________ Reply Separator _________________________________
Subject: Firewalls
Author: debian-user@lists.debian.org at INTERNET
Date: 6/13/97 3:51 PM
Anyone running a debian-based firewall out there?
Does anyone have any experience with the TIS firewall toolkit package
for Debian? How about setting up firewalling in the kernel?
What are the pros and cons of each method for building a Linux firewall?
Thanks.
Dave
[EMAIL PROTECTED]
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
