RE: Start up scripts

To: "'Henry Hollenberg'" <speed@barney.iamerica.net>
Cc: "'debian-firewall@lists.debian.org'" <debian-firewall@lists.debian.org>
Subject: RE: Start up scripts
From: "Meskes, Michael" <meskes@topsystem.de>
Date: Thu, 5 Mar 1998 16:40:28 +0100
Message-id: <[🔎] 11720CEF3853D011AC0C00A024B7A9E11125A1@einstein.topsystem.de>

FTP-Proxy suffers from the same problems as passive mode sometimes. Also
where do you get that proxy software?

What's the exact risk we take with using a module?

Michael
--
Dr. Michael Meskes, Project-Manager    | topsystem Systemhaus GmbH
meskes@topsystem.de                    | Europark A2, Adenauerstr. 20
meskes@debian.org                      | 52146 Wuerselen
Go SF49ers! Go Rhein Fire!             | Tel: (+49) 2405/4670-44
Use Debian GNU/Linux!                  | Fax: (+49) 2405/4670-10

> -----Original Message-----
> From:	Henry Hollenberg [SMTP:speed@barney.iamerica.net]
> Sent:	Thursday, March 05, 1998 4:02 PM
> To:	Meskes, Michael
> Subject:	RE: Start up scripts
> 
> 
> 
> 	Henry Hollenberg     speed@barney.iamerica.net 
> 
> Yes, I see your point, I guess I'm the most vocal user at this point
> on
> this site (since I'm paying for the connection! :-)), but this needs
> to
> work well for many if it's to have any value....we need some numbers
> of
> people beating on the architecture to validate it, not just me.
> 
> Do you think we could get away with proxying these and maintain a
> "non-modultated" kernel?  Perhaps have an option in the install script
> to
> branch to "modultated" or "non-modultated" with perhaps a brief note
> about
> what's being given up and gained.
> 
> Oh yeah, I expect my site to grow into a heavily used site soon....so
> I'll
> probably need to get with the program as far as the new whiz bang
> protocols are concerned.
> 
> On Thu, 5 Mar 1998, Meskes, Michael wrote:
> 
> > I do not use these all. :-) BTW the second number listed is the use
> > count. As you see only ftp is in use now. But some of my users have
> used
> > vdolive and of course irc . Also we wanted to try cuseeme.
> > 
> > Anyway, I don't think restricting ftp to passive is a good idea.
> While I
> > agree that it is for security reasons it certainly is not for user
> > friendlyness. There's more to ftp than using a browser to access
> some
> > files. There are quite some programs, libraries and scripts that use
> > ftp. And not all are configurable.
> > 
> > I think we shouldn't act as if we were on an island. We will get
> users
> > who ask for these services and I prefer a firewall that has been
> > constructed with these in mind.
> > 
> > Michael
> > 
> > > > ip_masq_quake      1            0
> > > > ip_masq_ftp        1            2
> > > > ip_masq_raudio     1            0
> > > > ip_masq_irc        1            0
> > > > ip_masq_cuseeme    1            0
> > > > 
> > > > You could get rid of them if you don't waynt to allow the the
> > > program to
> > > > be used or add a proxy for it.
> 
> 
> --
> E-mail the word "unsubscribe" to
> debian-firewall-request@lists.debian.org
> TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble?  e-mail to
> listmaster@debian.org .


--
E-mail the word "unsubscribe" to debian-firewall-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble?  e-mail to listmaster@debian.org .

Reply to:

Follow-Ups:
- RE: Start up scripts
  - From: Henry Hollenberg <speed@barney.iamerica.net>

Prev by Date: RE: Start up scripts
Next by Date: RE: Start up scripts
Previous by thread: RE: Start up scripts
Next by thread: RE: Start up scripts
Index(es):
- Date
- Thread