OK, now how about proxies...

To: debian-firewall@lists.debian.org
Subject: OK, now how about proxies...
From: Paul M Sargent <pauls@3dlabs.com>
Date: Tue, 7 Dec 1999 12:02:39 +0000
Message-id: <[🔎] 19991207120239.C30146@3dlabs.com>

Following up from the 'Is Linux secure enough?' question (to which the
answer was "We all think so" :-) I was wondering what more I could make this
system offer over our current firewall.

At the moment the current system is purely packet filtering, but I know that
when we first put it up we were thinking about having a proxy firewall for
FTP. Are there any proxy packages I should take a look at?

Also, the firewall policy tends to be all incomming connections are denied
(with the exception of a few key systems from the ISP), only outgoing Web
and FTP ports are open. The incomming side of this seems sensible to me, but
the outgoing side seems to me to be locking the gate once the horse has
bolted. Either you plug the holes with proxies, or there is little reason to
limit the ports available for outgoing traffic.

Comments?

Cheers

Paul
--
Paul Sargent
mailto: Paul.Sargent@3Dlabs.com

Reply to:

Prev by Date: Re: How to filter ICMP timestamp requests?
Next by Date: Re: WNPP PING: 19980302 martin@uni-mainz.de
Previous by thread: Re: How to filter ICMP timestamp requests?
Next by thread: Re: WNPP PING: 19980302 martin@uni-mainz.de
Index(es):
- Date
- Thread