Firewall Wizards mailing list archives
Proxy firewall design.
From: Darren Reed <darrenr () cyber com au>
Date: Tue, 10 Mar 1998 23:14:23 +1100 (EST)
A common theme amongst proxy firewalls running on Unix is to limit the exposure through use of chroot. How many of these segregate it further such that (say) the smtp proxy uses /fw/smtp, ftp uses /fw/ftp, etc ? I'm aware of chrooting used for WWW & mail, but I can't see why you wouldn't use it for all of them. For example, FWTK 2.0 doesn't support chroot for plug-gw or x-gw but it does for all the others. Of course, you might even chroot to /fw first, before running any of your proxies... Darren
Current thread:
- Proxy firewall design. Darren Reed (Mar 10)
- Re: Proxy firewall design. Bernhard Schneck (Mar 11)
- Re: Proxy firewall design. tqbf (Mar 12)
- <Possible follow-ups>
- RE: Proxy firewall design. Joseph Judge (Mar 12)
- Re: Proxy firewall design. Paul McNabb (Mar 12)
- Re: Proxy firewall design. Bernhard Schneck (Mar 11)