As I have received quite a few e-mails asking for the responses, I am
posting them to the list. Thanks to the following who replied to my
request for a step-by-step guide to installing a firewall (on a SUN):
-- The original message --
> Is there a step-by-step guide to setting up a firewall? A company here in
> UK wants to get onto the internet but very worried about "crackers". They
> are interested to set up a "very" secure network, and quite interested to
> try the firewall concept.
>
> The company doesn't have much system administration experience and hence,
> looking for a step-by-step guide to installing one. The "firewall" book
> reviews over the net suggest that one has to be an expert to understand
> one. Is there a general purpose (down-to-earth) step-by-step guide
> (available in the public domain) compiled by an admin expert (for SUNs)?
>
> Please reply by e-mail and I shall pass on the responses. I may post the
> responses if I see much interest in this.
>
> Thanks.
>
> Rana
Marcus J Ranum <mjr@tis.com>
Organization: Trusted Information Systems, Inc. Glenwood, MD
Phone: 301-854-6889
Paul Vickers <Paul.Vickers@barclays.co.uk>
David Wolfskill <david@greatbasin.com>
jbs@Quiotix.COM (Jeffrey B. Siegal)
Phil Trubey |
NetPartners | Providing Internet products and services.
E-mail: phil@netpart.com | Home Page: http://www.netpart.com/
Phone: 714-759-1641 |
Omy Shani email: omy.shani@sun.com
Technical Consultant office: (415) 688-9164
Sun Microsystems FAX: (415) 688-9206
2550 Garcia Ave m/s UMPK02-225; Mountain View, CA 94043-1100
brandon@rd.bbc.co.uk (Brandon Butterworth)
-- Useful hints --
From: Marcus J Ranum <mjr@tis.com>
It definitely takes some expertise, but you might want to look
at the firewall toolkit: ftp.tis.com: pub/firewalls/toolkit
mjr.
From: David Wolfskill <david@greatbasin.com>
TIS (Trusted Information Systems) has a "Firewall Toolkit" ("fwtk") available
from ftp.tis.com. Thank Marcus Ranum & friends.
david
--
David H. Wolfskill david@greatbasin.com
From: jbs@Quiotix.COM (Jeffrey B. Siegal)
Quiotix is currently engaged in the development of a packaged ready-to-run
firewall product, although the product is some time away from general
availability. We are interested in maintaining a dialogue with potential
customers, so that we can be in touch with your requirements and
expectations. Essentially, the product is designed to provide reasonable
security through a high level of control over network activity between an
organization and the outside, without requiring a great deal of technical
expertise to configure, install, and maintain.
If you would like to participate, please send me a note with a little
information on your requirements for such a product, and your role in
maintaining network security.
Jeffrey Siegal
From: Phil Trubey <phil@netpart.com>
My take is that one does really need to be an expert in security, TCP/IP,
and the host operating system of the firewall to properly install
and maintain a firewall. What you don't know *will* hurt you as
it is a certainty that some hacker somewhere knows about the security
holes of your particular set up.
As an alternative to rolling your own, you can now buy off the shelf
firewall solutions. Our company manufactures and sells a turn
key communications device that integrates a dedicated line router
for attachment to the Internet, a commercial application proxy
firewall and all common Internet servers into one easy to use
device. For more information, send mail to janus@netpart.com
to receive an automated response, or send mail to sales@netpart.com
to talk to a sales critter. The whole software/hardware combination
sells for US$15,995 - a bargain considering how much time and
effort (and expertise) it takes to implement your own firewall.
--
Phil Trubey |
NetPartners | Providing Internet products and services.
E-mail: phil@netpart.com | Home Page: http://www.netpart.com/
Phone: 714-759-1641 |
From: Omy.Shani@Corp.Sun.COM (Omy Shani - SunIntegration)
Rana,
Sun Consulting, a group in Sun, is in a process of putting together a
firewall solution which would include a step-by-step cookbook. It is
an application (proxy) firewall and would be based on our
consult-igateway special (ftp and telnet proxy-servers). It would also
allow Mosaic users access outside the firewall via the telnet
proxy-server.
It would be available in Q4CY94 and we estimate its price to be
$5,000. At this point we would consider some sites for its beta
testing.
regards,
-omy
---------------------------------------------------------------
Omy Shani email: omy.shani@sun.com
Technical Consultant office: (415) 688-9164
Sun Microsystems FAX: (415) 688-9206
2550 Garcia Ave m/s UMPK02-225; Mountain View, CA 94043-1100
---------------------------------------------------------------
From: brandon@rd.bbc.co.uk (Brandon Butterworth)
I don't believe such a guide exists, it certainly would become out of date
almost every month as new bugs are discovered. However there are people
over here who offer firewall services.
I believe you can get Pipex/Exnet/other net providers to do consultancy.
I built the BBC firewall and know Damon at Exnet has done similar
things for other companies (he wrote a firewall package that is
available commercially).
Brandon