Firewall Wizards mailing list archives
Accessing a UNIX server through MS Proxy server 2.0
From: "Joe Ippolito - President SVNPA" <joe () joesnet com>
Date: Tue, 9 Jun 1998 15:44:10 -0700
As long as the UNIX host is a Socks 4.3 client you can use pretty much any TCP application including telnet. You will need the identd service running on the proxy box and if you are using the packet filtering you will need to create a rule (as in any other fire wall) to let it through. You can not do any applications requiring UDP through the socks proxy or ICMP though any of the proxy services. If you need to provide complete services to UNIX clients try a full service firewall like Firewall-1. If you want to make a small pipe look really fast for gobs of WinSock clients and have a stateful packet-inspection firewall, secure web publishing, etc. etc. for really cheap use MS Proxy 2. A book I can recommend is "MCSE: Proxy Server 2 Study Guide", Erik Rozell et. al., Sybex Network Press, 1998. It is a bit wordy but quite thorough and the price is much more reasonable than MS courseware. The documentation provided with MS Proxy is also very well done. You need to have IE 4 and Index Server installed to use it. -----Original Message----- From: owner-firewall-wizards () nfr net [mailto:owner-firewall-wizards () nfr net] On Behalf Of Itai Dor-on Sent: Wednesday, June 03, 1998 12:36 AM To: Taylor, Gregory - Open Systems; firewall-wizards () nfr net Subject: Re: Accessing a UNIX server through MS Proxy server 2.0
So, bottom line is you can't proxy telnet (your only alternative is to open up to the world!!) and there are some concerns over its FTP proxy. If I were you I would buy a firewall ;-)
I suggest you buy a book on Microsoft Proxy Sever 2.0/1.0 as your response clearly shows that you don't understand its architecture. You *can* proxy Winsock 1.1 compliant applications (e.g TELNET) using MSP Winsock Proxy module. As for FTP sessions, you could proxy them using the Web Proxy module and do a content scan using ISAPI . What makes a product a 'good firewall' is its ability to reinforce the company security policy and to do it well. If Microsoft Proxy server can do that for your company then it is not a less secure solution than any other firewall vendor (e.g Checkpoint, TIS etc.). The tricky part is to know how to define a security policy and to map it to technical requirements. Cheers, Itai.
Current thread:
- Accessing a UNIX server through MS Proxy server 2.0 De los Santos, Ariel (Jun 01)
- <Possible follow-ups>
- Re: Accessing a UNIX server through MS Proxy server 2.0 Taylor, Gregory - Open Systems (Jun 02)
- Re: Accessing a UNIX server through MS Proxy server 2.0 Itai Dor-on (Jun 03)
- Accessing a UNIX server through MS Proxy server 2.0 Joe Ippolito - President SVNPA (Jun 10)
- RE: Accessing a UNIX server through MS Proxy server 2.0 Taylor, Gregory - Open Systems (Jun 12)
- Accessing a UNIX server through MS Proxy server 2.0 Joe Ippolito (Jun 12)
- Re: Accessing a UNIX server through MS Proxy server 2.0 Brian Steele - MAIL.SPICEISLE.COM (Jun 13)