Following up from the 'Is Linux secure enough?' question (to which the answer was "We all think so" :-) I was wondering what more I could make this system offer over our current firewall.
At the moment the current system is purely packet filtering, but I know that when we first put it up we were thinking about having a proxy firewall for FTP. Are there any proxy packages I should take a look at? Also, the firewall policy tends to be all incomming connections are denied (with the exception of a few key systems from the ISP), only outgoing Web and FTP ports are open. The incomming side of this seems sensible to me, but the outgoing side seems to me to be locking the gate once the horse has bolted. Either you plug the holes with proxies, or there is little reason to limit the ports available for outgoing traffic. Comments? Cheers Paul -- Paul Sargent mailto: [EMAIL PROTECTED]
