Firewall Wizards mailing list archives
RE: Host based IP ACL like TCPWrapper or IP_Filter, but for NT?
From: "James D. Wilson" <netsurf () sersol com>
Date: Tue, 1 Jun 1999 06:05:47 -1000
Interix (was OpenNT) runs on top of the NT Kernel doing POSIX Unix and has recently ported TCP Wrappers, inetd, sendmail, telnetd, ftpd, syslogd, and a variety of other apps. This gives you the ability to do some of your filtering on the Unix side of your NT Server if you want. - James D. Wilson "non sunt multiplicanda entia praeter necessitatem" William of Ockham (1285-1347/49) -----Original Message----- From: owner-firewall-wizards () nfr net [mailto:owner-firewall-wizards () nfr net]On Behalf Of Bill_Royds () pch gc ca Sent: Sunday, May 30, 1999 4:54 AM To: Alan Morewood Cc: firewall-wizards () nfr net Subject: Re: Host based IP ACL like TCPWrapper or IP_Filter, but for NT? "Alan Morewood" <morewood () on bell ca> on 05/26/99 01:41:09 PM Please respond to "Alan Morewood" <morewood () on bell ca> To: firewall-wizards () nfr net cc: (bcc: Bill Royds/HullOttawa/PCH/CA) Subject: Host based IP ACL like TCPWrapper or IP_Filter, but for NT? Does anyone have ideas as to a feasible solution for doing IP ACL restrictions on a DMZ host? Or does this seem excessive considering 2-factor authentication is to be used. details as follows: <snip a good explanaition of the situation> NT has no direct IP_Filter equivalent, although there is at least one option of which I am aware. --------------------------------------------- NT has the ability to restrict ports that can be used by machine in Control Panel/Networks/Protocols/Advanced settings. As well, have you looked at things like the ConSeal firewall (http://www.signal.com) whcih fit between the Ethernet layer and TCP/IP stack to enforce a security policy? THis would seem like the closest to TCPWrappers for NT and it even validates UDP/ICMP as well.
Current thread:
- RE: Host based IP ACL like TCPWrapper or IP_Filter, but for NT? James D. Wilson (Jun 01)