Re: question about proxy firewall

To: debian-security@lists.debian.org
Subject: Re: question about proxy firewall
From: Haim Ashkenazi <haim@babysnakes.org>
Date: Fri, 26 Sep 2003 12:49:46 +0300
Message-id: <[🔎] bl124a$891$1@sunsite.dk>
References: <[🔎] bkup09$4ru$1@sunsite.dk> <[🔎] 20030926024614.GB2885@tao.merseine.nu>

dsr@tao.merseine.nu wrote:
> The point of a protocol-proxy is that you want to provide services to
> the outside world, but you don't trust your server software to be robust
> against protocol-level attacks (buffer overflows, primarily). Since one
> of the points of Debian is to fix bugs in software, that's not
> particularly a direction that's interested anyone recently.
well, there were threads in this mailing list about breaking into an updated
woody hosts, so I guess that another layer of security couldn't harm...


> 
> However, the tools are in place to build your own. Generically, any
> protocol can be diverted to another program by the packet filtering
> system; it's trivial to send things on to other computers, too. There
> are lots of HTTP, FTP, SMTP, DNS, X... proxies available, some of which
> have been built with security in mind and others with other goals.
> 
> Look at packages simpleproxy, stone, totd, squid, xfwp, and in fact
> everything you get from an "apt-cache search proxy".
thanx

Bye
--
Haim

Reply to:

References:
- question about proxy firewall
  - From: Haim Ashkenazi <haim@babysnakes.org>
- Re: question about proxy firewall
  - From: dsr@tao.merseine.nu

Prev by Date: Re: The same debian - different packages
Next by Date: Re: services installed and running "out of the box"
Previous by thread: Re: question about proxy firewall
Next by thread: Re: question about proxy firewall
Index(es):
- Date
- Thread