Re: what http/https/ftp/smts proxy/relay to use on a network firewall
On 2007-03-20 tom winter wrote:
> i'm trying to replace an ISA server used as proxy for incoming
> connections to a web and a mail server with a linux box.
> The iptables part is clear, also squid as proxy for client web access...
> but What can be used for layer 3 proxies for server publications?
What exactly is a "layer 3 proxy for server publications" supposed to
> http proxy should be able to:
> termination https connections (use http to internal servers)
Why would you want to break https?
> handle (s)ftp (maybe a separate component)
Why would you want to break ssh?
> link translation (replace internal links from the https servers)
> no chaching needed
Apache can be used as a reverse proxy.
> smtp relay (or proxy) should be able to
> deny smtp sessoins for unknown recipients
> use blacklists
I'd recommend Postfix, though virtually any MTA should do.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq