Firewalls: wais [please elaborate on Rik's notes]

Firewalls
(February 1993)

Indexed By Thread: [Previous] [Next]

Subject:	wais [please elaborate on Rik's notes]
From:	gjkriger @ gjk . OCUnix . on . ca (George J. Kriger)
Date:	Wed, 24 Feb 1993 07:54:09 -0500
To:	firewalls @ GreatCircle . COM

In "Notes from Usenix BOF", in reference to the San Diego Usenix, Rik
Farrow wrote:

>[Question:] Is it possible do do WAIS through a firewall?
>BC: No practical way to do WAIS through a firewall.
>Brian Berliner [berliner @
 sun .
 com]: No way to do WAIS through a proxy
>service.

Could someone please elaborate ?? Why ??

My users are likely to want to run wais, gopher and archie clients from
the internal side of the firewall. Currently, they would have to telnet
to a cooperative outside host and run the clients there. How is the former
more insecure than the latter ?

Eventually, my users may wish to offer a wais server. The notes above
cause me to hesitate offering this on the firewall. What security
problems will this cause ?

I could put these services on a sacrificial host outside the gateway, is
this the only "safe" way ??

My apologies if these are novice questions.
gjkriger @
 gjk .
 ocunix .
 on .
 ca

Follow-Ups:

RE: wais [please elaborate on Rik's notes]
From: bede @ linus . mitre . org

Indexed By Date	Previous:	rlogin?? From: dupuy @ tiemann . cs . columbia . edu (Alexander Dupuy)
Indexed By Date	Next:	Re: rlogin?? From: Marcus J Ranum <mjr @ TIS . COM>
Indexed By Thread	Previous:	Re: Cisco IGS and established From: Brent Chapman <brent @ GreatCircle . COM>
Indexed By Thread	Next:	RE: wais [please elaborate on Rik's notes] From: bede @ linus . mitre . org