Firewalls: Re: Raptor's Eagle Firewall

Firewalls
(June 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Raptor's Eagle Firewall
From:	Adam Shostack <adam @ homeport . org>
Date:	Sun, 2 Jun 1996 12:37:26 -0500 (EST)
To:	Russ . Cooper @ RC . Toronto . on . ca (Russ)
Cc:	peter @ baileynm . com, firewalls @ GreatCircle . COM
In-reply-to:	<01BB4FFB . C1CC5500 @ rwcooper . rc . toronto . on . ca> from "Russ" at Jun 1, 96 08:48:57 pm

Russ wrote:
(Responding, I think, to Peter Da Silva)
| >Why would you put your firewall into the same authentication domain as 
| >your users?
| 
| >Maybe I'm missing something, but that seems like you're putting an awful 
| >lot of trust in the NT security model.
| 
| Actually, its possible to establish a trust relationship between two 
| seperate NT domains such that attempts to log onto the Firewall Domain 
| would be validated against an internal Administrative Domain, but accounts 
| on the Firewall Domain would not be permitted to log into the 
| Administrative Domain.

	Could you expand on this?  How is the trust maintained?  How
is information moved between the two systems?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

References:

RE: Raptor's Eagle Firewall
From: Russ <Russ . Cooper @ RC . Toronto . on . ca>

Indexed By Date	Previous:	RE: Raptor's Eagle Firewall From: Russ <Russ . Cooper @ RC . Toronto . on . ca>
Indexed By Date	Next:	Re: packet filter From: Michael Dillon <michael @ memra . com>
Indexed By Thread	Previous:	Re: Raptor's Eagle Firewall From: John Betts <johnb @ aztec . co . za>
Indexed By Thread	Next:	Re: Raptor's Eagle Firewall From: peter @ baileynm . com (Peter da Silva)