On Tue, 2005-03-22 at 18:21 +0100, Ramon Casha wrote:
> iptables is secure in that it is built into the kernel and thus more 
> difficult to bypass. On the other hand it does not differentiate between 
> applications. However for a 50+ PC scenario I'd have a dedicated 
> firewall/gateway PC. You could then set up your computers so that all 
> mail is sent via a dedicated mail server, using authentication for smtp, 
> and the firewall would only allow that server to do outgoing smtp, 
> rather than allowing every PC to send mail directly. Having said that I 
> haven't checked out whether there are any firewalls that can 
> differentiate between applications, or possibly special versions of the 
> kernel (such as the selinux patches) that can do the trick.

Perhaps the best solution here would be to install a firewall (a real
one, *anything* running on MS doesn't count) and a proxy server too. In
this manner you have fine control over what is communicating into and
out of your network.

BTW, Linksys runs Linux. :0) 

Regs.

Iain.

Reply via email to