Firewall Wizards mailing list archives
RE: Proxy Server
From: "Joe Ippolito" <joe () joesnet com>
Date: Tue, 14 Sep 1999 22:18:09 -0700
This thread again? See attached. -----Original Message----- From: owner-firewall-wizards () lists nfr net [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of Gesino, Frank Sent: Sunday, September 12, 1999 8:11 PM To: firewall-wizards () nfr net Subject: Proxy Server Hello... I am working with a client who wants to use MS Proxy Server as a Firewall Solution....obviously a very bad choice. I am writing a report to strongly recommend they implement a true firewall. I was wondering if anyone had any good research to help me make my case even stronger. Thanks Frank Gesino Condor Technology Solutions -----Original Message----- From: Ryan Russell [mailto:Ryan.Russell () sybase com] Sent: Friday, September 10, 1999 6:33 PM To: sean.kelly () lanston com Cc: firewall-wizards () nfr net Subject: RE: Free NAT
From: Brock, Todd A [mailto:TB120060 () exchange DAYTONOH NCR com] Robert, I think you are touching on something that I have suspected for some time now. Specifically that it is not a long term workable solution that requires every single "host" have it's own globally unique IP address. In the not to distant future our breaker panels, security systems, air conditioners, toasters, etc. (ad vomiteum) will, all and every one, be "network accessible". I have thought for a while that a scheme that requires every single item that might need network connectivity to have a unique global address is and will continue to be unworkable.I don't beleive that this was ever the intention. How many people want or need the whole world to be able to connect to and control their toaster? I personally beleive that NAT and similar methods will not fade after (or are intended to be replaced by) the introduction of IPv6.
Not me. The mention of circuit breakers makes me shudder. I can just imagine someone flooding the $0.25 IP implementation with packets in such a way as to cause the breakers to open and close repeatedly, causing a fire. I wouldn't want to subject myself to a denial-of-house attack. Ryan P.S. Do you think I'll get into trouble when I want to firewall IP on the AC lines coming into my house? I could see PG&E wanting to mandate IP access to my meter & breaker box. :)
--- Begin Message --- From: "joesnet.com" <joe () joesnet com>
Date: Wed, 1 Sep 1999 21:46:40 -0700
Can't help you there since I think MS Proxy is a very cost effective and easy to manage firewall solution. If you don't need an easily configurable DMZ and the use of ICMP, it works great. It is quite secure with the packet filtering enabled and the latest service pack and hot fixes. If all you need is port address translation and you want to manage (and monitor) your user's access to the Internet with NT account permissions and save on bandwidth with the http cache, MS Proxy is certainly the most cost-effective solution available. However, if you are a large organization, need a functional DMZ, have varying inbound access needs, need the use of ICMP, and can afford the 20 times or greater cost, get a copy of Check Point's Firewall-1. In other words, it is more a question of functionality verses cost. -----Original Message----- From: owner-firewall-wizards () lists nfr net [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of TUDOR PANAITESCU Sent: Wednesday, September 01, 1999 6:14 AM To: firewall-wizards () nfr net Subject: COmpare Firewalls Hello everybody ! I am trying to convince the people in the IT dept. here that they should get rid of the Microsoft Proxy which is now the only "buffer" between our network (192.168.*) and the internet and to get a firewall. My questions are: 1. Can anybody point me to a site with some information about the poor reliability/security/etc. of M$ Proxy? 2. Can anybody point me to a site where I can find information on different firewalls in order to compare and (try to) choose the right one? and 3. I'm trying also to promote LINUX (RH6.0 with ipchains) as a temporary solution; can anybody point me to a site where I can find "tons" of information (especially advantages) of using LINUX ? ( success stories, important companies using LINUX as a firewall etc...). Thanks in advance and best regards, Tudor ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
--- End Message ---
Current thread:
- Proxy Server Gesino, Frank (Sep 14)
- RE: Proxy Server Joe Ippolito (Sep 18)