thanx everybody for your input. you gave me some good ideas.
Bye
--
Haim
Hi!! I really understand your problem. Sometimes we HAVE TO do what we
wouldn't never even think about... so, the best is to try to find the best
solution!!
In this particular case, my response was: twhttpd. No vulnerabilities
found (until now...), very well programmed, well documented, very
cust
thanx everybody for your input. you gave me some good ideas.
Bye
--
Haim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi!! I really understand your problem. Sometimes we HAVE TO do what we
wouldn't never even think about... so, the best is to try to find the best
solution!!
In this particular case, my response was: twhttpd. No vulnerabilities
found (until now...), very well programmed, well documented, very
cust
On Wed, 2003-12-31 at 13:17, Bernd Eckenfels wrote:
> In article <[EMAIL PROTECTED]> you wrote:
> > However, for virtual hosting across multiple back-end machines with
> > authentication at the firewall, I found apache2 + mod_ssl + mod_proxy
> > more suitable. Moreover, pound does not provide cachi
In article <[EMAIL PROTECTED]> you wrote:
> However, for virtual hosting across multiple back-end machines with
> authentication at the firewall, I found apache2 + mod_ssl + mod_proxy
> more suitable. Moreover, pound does not provide caching for
> acceleration, nor ssl on the back channel.
The que
In article <[EMAIL PROTECTED]> you wrote:
> How about Apache with mod_security [1]? Looks pretty good to me.
Cant speak about the module, thanks for the hint. Personally I think Apache
is too bloated to be used on a bastion gateway.
Greetings
Bernd
--
eckes privat - http://www.eckes.org/
Project
On Wed, 2003-12-31 at 13:17, Bernd Eckenfels wrote:
> In article <[EMAIL PROTECTED]> you wrote:
> > However, for virtual hosting across multiple back-end machines with
> > authentication at the firewall, I found apache2 + mod_ssl + mod_proxy
> > more suitable. Moreover, pound does not provide cachi
In article <[EMAIL PROTECTED]> you wrote:
> However, for virtual hosting across multiple back-end machines with
> authentication at the firewall, I found apache2 + mod_ssl + mod_proxy
> more suitable. Moreover, pound does not provide caching for
> acceleration, nor ssl on the back channel.
The que
In article <[EMAIL PROTECTED]> you wrote:
> How about Apache with mod_security [1]? Looks pretty good to me.
Cant speak about the module, thanks for the hint. Personally I think Apache
is too bloated to be used on a bastion gateway.
Greetings
Bernd
--
eckes privat - http://www.eckes.org/
Project
On Wed, 2003-12-31 at 11:01, Bernd Eckenfels wrote:
[...]
> Unfortunatelly there are not much free HTTP Application Level Gateways
> (reverse
> proxies) out there which do good filtering. (And I am not sure if there are
> non-free
> which are good, either:). Some are listed on:
>
> http://www
On Wed, 2003-12-31 at 07:15, Haim Ashkenazi wrote:
> Dale Amon wrote:
>
> > On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
> >> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> >> > I have a client that have an exchange server inside the LAN and he
> >> > wants t
On Wed, 2003-12-31 at 11:01, Bernd Eckenfels wrote:
[...]
> Unfortunatelly there are not much free HTTP Application Level Gateways (reverse
> proxies) out there which do good filtering. (And I am not sure if there are non-free
> which are good, either:). Some are listed on:
>
> http://www.freef
On Wed, Dec 31, 2003 at 05:01:44PM +0100, Bernd Eckenfels wrote:
>
> Unfortunatelly there are not much free HTTP Application Level Gateways
> (reverse
> proxies) out there which do good filtering. (And I am not sure if there are
> non-free
> which are good, either:). Some are listed on:
How a
In article <[EMAIL PROTECTED]> you wrote:
> Maybe have a look at sslwrap+redir, or stunnel, which can run on any
> machine in your DMZ and forward incoming connections to the internal
> machine, adding SSL encryption to make it more secure.
There is no need to add SSL encryption, IIS can do that
On Wed, 2003-12-31 at 07:15, Haim Ashkenazi wrote:
> Dale Amon wrote:
>
> > On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
> >> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> >> > I have a client that have an exchange server inside the LAN and he
> >> > wants t
On Wed, Dec 31, 2003 at 05:01:44PM +0100, Bernd Eckenfels wrote:
>
> Unfortunatelly there are not much free HTTP Application Level Gateways (reverse
> proxies) out there which do good filtering. (And I am not sure if there are non-free
> which are good, either:). Some are listed on:
How about A
In article <[EMAIL PROTECTED]> you wrote:
> Maybe have a look at sslwrap+redir, or stunnel, which can run on any
> machine in your DMZ and forward incoming connections to the internal
> machine, adding SSL encryption to make it more secure.
There is no need to add SSL encryption, IIS can do that
Dale Amon wrote:
> On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
>> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
>> > I have a client that have an exchange server inside the LAN and he
>> > wants to access the web interface from the world. I thought I'll put a
On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> > I have a client that have an exchange server inside the LAN and he wants to
> > access the web interface from the world. I thought I'll put a transparent
> > proxy
Dale Amon wrote:
> On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
>> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
>> > I have a client that have an exchange server inside the LAN and he
>> > wants to access the web interface from the world. I thought I'll put a
On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> I have a client that have an exchange server inside the LAN and he wants to
> access the web interface from the world. I thought I'll put a transparent
> proxy server on the DMZ. apt-cache search proxy gave a few options but
> except
On Wed, Dec 31, 2003 at 03:05:43PM +0100, Richard Atterer wrote:
> On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> > I have a client that have an exchange server inside the LAN and he wants to
> > access the web interface from the world. I thought I'll put a transparent
> > proxy
On Wed, Dec 31, 2003 at 11:33:02AM +0200, Haim Ashkenazi wrote:
> I have a client that have an exchange server inside the LAN and he wants to
> access the web interface from the world. I thought I'll put a transparent
> proxy server on the DMZ. apt-cache search proxy gave a few options but
> except
Hi
I have a client that have an exchange server inside the LAN and he wants to
access the web interface from the world. I thought I'll put a transparent
proxy server on the DMZ. apt-cache search proxy gave a few options but
except squid (which is a little overkill for this) I don't know any of the
Hi
I have a client that have an exchange server inside the LAN and he wants to
access the web interface from the world. I thought I'll put a transparent
proxy server on the DMZ. apt-cache search proxy gave a few options but
except squid (which is a little overkill for this) I don't know any of the
26 matches
Mail list logo
