RE: Linux firewall options

From: Kurt Buff (kurtbuffat_private)
Date: Tue Jan 25 2000 - 09:41:50 PST

Next message: Jayson Broughton: "Re: Attack on port 2140??"

Previous message: Aaron D. Turner: "Re: Bypassing firewall"
Maybe in reply to: Mayne, Peter: "Linux firewall options"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

One of your better bets is Freshmeat

http://www.freshmeat.net

or more specifically,

http://www.freshmeat.net/appindex/console/firewall%20and%20security.ht
ml

Kurt

| 
| On Wed, Jan 12, 2000 at 09:05:00AM +0800, Mayne, Peter wrote:
| > Given Linux (say RedHat 6.0 or greater) as a base, what options
| > are available to build firewalls? Is there a "Linux firewalls" 
| site somewhere?
| > 
| > ipchains is an obvious place to start for basic packet filtering
| > functionality, but I'd prefer something more substantial. I 
| could use Apache
| > or Squid (depending on circumstances) as a Web proxy, for
| > instance.  
| > 
| > I don't think FWTK can be used in a commercial environment 
| because of the
| > license restrictions. Is there something similar out there 
| that is otherwise
| > usable?
| 
| I know that there are such sites out there.  I don't have them at
| my fingertips, though, and I'm sure that there are others that do.
| 
| Many commercial sites do use FWTK.  It is a firewall toolkit,
| though, and not a firewall.  IIRC, the license prohibits commercial
| re-distribution, not commercial use.
| 
| Many other sites use ipchains.  Packet filtering only makes me
| uneasy, tough.
| 
| Apache, Squid, BIND, and Sendmail can all be used as proxies,
| although again the sheer complexity of code in, specifically,
| sendmail may make it less desirable as a proxy.
| 
| -- 
| Joe Yao				jsdyat_private - 
| Joseph S. D. Yao
| COSPO/OSIS Computer Support					EMT-B
| --------------------------------------------------------------
| ---------
| This message is not an official statement of COSPO policies.
| 

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQEVAwUBOI3gXnbbun6mUpkrAQHvwwgAkuc1spazOy80dAsU9LQnJWhdg4XKe6n8
8f5rpW+vhXz5JSWJmatRz6hVP7d2vvFjg4beupN14YMZbGxZx6eEmV6tLPeDFzJ3
/CtVrpJgM3CQD27a9QYHXA9NbzD/ScfWuSGD4uLT+xZQnsyIzVmtsTNq/HK6xZ8d
b33lNXsgvRNM7BhI0pn6OySWwK8q86liFjXsnFpv2JeL+/1PoGnitq0KhwDc7ay1
eLct/X0HD56nb9KaM2uCt1UwOiMtFA3ltl/udEnuisBSQsKt7gSc+ikUT7FWMz6W
5Ym34Vga1ybIoCKax/GdTAiUceumMAamWrPcTQH1WUkChzPev8RcKA==
=yq9+
-----END PGP SIGNATURE-----

Next message: Jayson Broughton: "Re: Attack on port 2140??"
Previous message: Aaron D. Turner: "Re: Bypassing firewall"
Maybe in reply to: Mayne, Peter: "Linux firewall options"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:13 PDT