Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Firewall Wizards: Proxy firewall design.

Proxy firewall design.

From: Darren Reed <darrenr_at_cyber.com.au>
Date: Tue, 10 Mar 1998 23:14:23 +1100 (EST)

A common theme amongst proxy firewalls running on Unix is to limit the
exposure through use of chroot. How many of these segregate it further
such that (say) the smtp proxy uses /fw/smtp, ftp uses /fw/ftp, etc ?
I'm aware of chrooting used for WWW & mail, but I can't see why you
wouldn't use it for all of them. For example, FWTK 2.0 doesn't support
chroot for plug-gw or x-gw but it does for all the others. Of course,
you might even chroot to /fw first, before running any of your proxies...

Darren
Received on Mar 10 1998

This message: [ Message body ]
Next message: Paul D. Robertson: "Re: DNS -vs- the firewall: security thoughts"
Previous message: Christopher Nicholls: "Re: BorderManager vs MS Proxy server 2"
Next in thread: Bernhard Schneck: "Re: Proxy firewall design."
Reply: Bernhard Schneck: "Re: Proxy firewall design."
Maybe reply: Joseph Judge: "RE: Proxy firewall design."
Maybe reply: Paul McNabb: "Re: Proxy firewall design."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]