Masqerading vs. Applikationproxy
I have a question about firewall's and security on debian linux.
Is there an advantage to use application proxy's instead of a
masqerading box to secure a LAN with private IP addresses from
the dangerous internet.
I don't mean danger from inside the LAN (which could be solved
through user authentication, IP-based ACL's ...)
When I have to allow users inside my network the use of IRC, ICQ,
RealAudio/RealVideo or FTP (with a real FTP client), is then an
application proxy more secure than masqerading?
Under application proxy's I understand the use of squid
(for http/ftp/https) or dante (for socks5 aware applications).
thanks for any comments in advance.