On Wed, 25 Apr 2001, David Lang wrote:
> it depends what you need to do.
>
> personally I would not start with redhat as the base for a firewall (given
> a choice, it can be locked down if you spend enough time on it) but other
> distros are much better.
If you custom install, it takes all of 4 minutes to lock down a RH box to
about as well as any other distribution. (inetd.conf or xinetd, inittab,
lilo boot parms, and sysv startup script nuking.) I think it's an extra 4
minutes if you take one of the silly default installs.
> for proxies you can usually use the FWTK (www.fwtk.org). while the proxies
> do have their limits, within those limits they work well.
After pouring through code and trying to do some modifications (adding in
RADIUS authentication AIR), I'd generally take Apache's mod_proxy over
http-gw unless active content filtering needs to be put in place. That
just could say something about my code reading skills though :)
Otherwise fwtk is a solid recommendation.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
