Firewalls: Re: Protecting our INTRANETS

Firewalls
(July 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Protecting our INTRANETS
From:	Michael Dillon <michael @ memra . com>
Organization:	Memra Software Inc. - Internet consulting
Date:	Wed, 24 Jul 1996 11:21:18 -0700 (PDT)
To:	firewalls <firewalls @ GreatCircle . COM>
In-reply-to:	<31F60CAE @ MX . IIPO . GTEGSC . COM>

On Wed, 24 Jul 1996, Watta Louis wrote:

> Problem is management wants to connect the dirty network to the corporate
> backbone to provide mail, httpd, etc... 

So you install a firewall between the two networks and block everything
except port 25 for email and....

> My problems is http.

port 70 for http. Make sure that nobody runs a web server on the corporate
network using anything other than port 80. Then set up one web server to
run on port 70 (normally used for gopher) and place things that the
dirty network is allowed to see on there. Any web servers within the dirty
network will still work fine as well. If you need to let the corporate
side see certain things on the dirty side then set up another web server
using port 70 on the dirty side.

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael @
 memra .
 com

Follow-Ups:

Re: Protecting our INTRANETS
From: Adam Shostack <adam @ homeport . org>

References:

Protecting our INTRANETS
From: Watta Louis <05000DAC @ MX . PACIFIC . GTEGSC . COM>

Indexed By Date	Previous:	Re: pop3 vulnerable? From: Craig Brozefsky <cosmo @ ebs . net>
Indexed By Date	Next:	Re: Encouragement of Service From: anonymous-remailer @ shell . portal . com
Indexed By Thread	Previous:	Re: Protecting our INTRANETS From: Brian Hatch <bri @ ifokr . org>
Indexed By Thread	Next:	Re: Protecting our INTRANETS From: Adam Shostack <adam @ homeport . org>