home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky alt.sys.sun:3527 comp.security.misc:2409 comp.sys.sun.admin:9865 comp.unix.admin:6861 comp.unix.questions:15108 comp.unix.wizards:5360
- Newsgroups: alt.sys.sun,comp.security.misc,comp.sys.sun.admin,comp.unix.admin,comp.unix.questions,comp.unix.wizards
- Path: sparky!uunet!munnari.oz.au!comp.vuw.ac.nz!cabernet!chuck
- From: chuck@corp.telecom.co.nz (Chuck Zheng)
- Subject: internet firewall: packet selecting/forwarding
- Message-ID: <1993Jan2.091216.10624@corp.telecom.co.nz>
- Keywords: security, internet, firewall, packet, filter
- Organization: Telecom New Zealand, Wellington, New Zealand
- Date: Sat, 2 Jan 1993 09:12:16 GMT
- Lines: 26
-
- Hello,
-
- I am interested in building a internet firewall to restrict un-authorised
- (potential) access to my network. The resources I have are sun3 sun4 and pcs.
- Can anybody tell me how to implement it?
-
- I have read Garfinkel & Spafford's "Practical Unix Security" (O'Reilly & Assco).
- It introduced the concept of internet firewall's choke & gate, and what need to
- do, but not how, especially, not about how to filter packets on unix. I guess
- something have to be done about inetd.conf, to shut down some service. But how
- to forward a telnet packet from choke to gate?
-
- I read log_tcp/tcp_wrapper README. It seems to me that it can filter packets
- based on host infomation. But I do not feel it can offer same level of protec-
- tion as separate choke & gate. Does it handle unauthorized nfs mounting?
-
- I would like to learn from your experience (if any) dealing with internet
- security. Any comments will be appreciated.
-
- Chuck
-
- --
-
- --
- Chuck Qun Zheng
- Telecom Corperate Office
-
