Re: Proxy servers in Linux

To: Debian Userslist <debian-user@lists.debian.org>
Subject: Re: Proxy servers in Linux
From: kmself@ix.netcom.com
Date: Wed, 16 Aug 2000 00:34:16 -0700
Message-id: <20000816003416.Q18621@ix.netcom.com>
Mail-followup-to: karsten, Debian Userslist <debian-user@lists.debian.org>
In-reply-to: <39986BED.43D98E8B@theiqgroup.com>; from kcorbin@theiqgroup.com on Mon, Aug 14, 2000 at 05:00:13PM -0500
References: <Pine.LNX.4.21.0008141347560.32676-100000@powertux.md.prognet.com> <39986BED.43D98E8B@theiqgroup.com>

The three general solutions I could think of for this are:

  - Port forwarding via ssh.  Forward an internet-accessible port to the
	Oracle port of the database server.  Traffic connecting to the
	external port will be forwarded to Oracle.  This may be insecure and
	expose your database to the Internet.

  - Network Address Translation (NAT), aka masquerading under Linux.
	Remapping an external address to the internal Oracle port.  This may
	be insecure and expose your database to the Internet.

  - VPN.  I'm less familiar with this technology, but believe it can be
	used to create a *general* channel between a specific host and your
	internal LAN.  The advantage over the above two methods is that this
	would offer both authentication and encryption of data over the
	Internet. 

There may be other access modes available.  Note that anything which
directly or indirectly opens the Oracle port to Internet traffic is a
potentially grave data security/integrity threat.


On Mon, Aug 14, 2000 at 05:00:13PM -0500, Kelly Corbin wrote:
> Specifically, I need to access Oracle on a machine that is only
> accessible through a web server.  The web server has two network cards,
> one is for the net, the other connects to the Oracle server through a
> switch.  The Oracle server and the second NIC are on a private local
> network (through 198.162.1.1 addressing).  This eliminates the security
> risk of putting the Oracle server on the Internet.  It also makes the
> Oracle server only accessible to the web server.  I have read, that it
> can be accessed by using a proxy server (on the Oracle port), but I
> don't know what or how to set this up.  I hope this gives a little
> better picture of what I am trying to do.
> 
> Thanks!
> 
> Kelly
> 
> Tom Marshall wrote:
> > 
> > The question is a bit vague, but I would suggest looking at rinetd.
> > 
> > On Mon, 14 Aug 2000, Kelly Corbin wrote:
> > 
> > > Any one know how to set up a proxy server for a particular port in
> > > Debian?  Couldn't find any info in the archives.  Any help would be
> > > appreciated.
> > >
> 
> 
> -- 
> Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
> 

-- 
Karsten M. Self <kmself@ix.netcom.com>     http://www.netcom.com/~kmself
 Evangelist, Opensales, Inc.                    http://www.opensales.org
  What part of "Gestalt" don't you understand?   Debian GNU/Linux rocks!
   http://gestalt-system.sourceforge.net/    K5: http://www.kuro5hin.org
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0

Attachment: pgpTGqe_gY_6g.pgp
Description: PGP signature

Reply to:

References:
- Re: Proxy servers in Linux
  - From: Tom Marshall <tmarshall@real.com>
- Re: Proxy servers in Linux
  - From: Kelly Corbin <kcorbin@theiqgroup.com>

Prev by Date: Re: Licensing Information Request
Next by Date: Re: Netscape Bus Error
Previous by thread: Re: Proxy servers in Linux
Next by thread: need to constantly force-reload networking
Index(es):
- Date
- Thread