> I am due to connect to the internet soon and am looking at firewalls and
> other security for PC's as all we have are one sun stuffed full of the most
> confidential data and a network of PC's most running NT or Workgroups. I
> have one PC to play with for security which I guess I can give over to any
> OS I want. Any comments on your solutions and why/how you chose them would
> be most welcome. Please put my name in the subject bar if you have time to
> reply as until we are connected we are on a shared account (ACK!!!!). Many
> Rufus Evison
> Magician and part time security consultant.
We chose BSDI because the fwtk was/is tested and porting the software would be
much easier. The BSDI is very inexpensive, is standard BSD uses sockets and
the pain/anguish of getting the toolkit up and running was straightforward.
I did run into some global problems with the toolkit and compiling it. But
I believe this to be an incompatibility with the "make" program, and one
#define (sys_errlist) already in stdio.h other than that it was clean.
We really did not have the time to spend on porting to some other platform
so time was/is of the essence to get the firewall up and operating.
AS A NOTE:
(BSD compared to SysV is much more simpler) I say this after
having worked exclusively with sysVr3 for almost 5 years.
The BSDI kernel was trimmed down from the GENERIC build to just
what we needed to install the toolkit and get it running. (We
could post the config if needed, but I would like to do that to
just people who need it.
We are in the testing mode now and are looking to run benchmarks on the
platform in use. We will post these as they are available.
DLA Systems Design Center
Office of Technology Infusion
> In message Thu, 4 May 1995 20:08:58 -0400 (EDT),
> nto2584 @
mil (Steven Payne) writes:
> > hi,
> > I am presently installing/testing a firewall based on the tis fwtk
> > and running on a 486 under bsd/os. My problem is I do not have the
> > kerberized rlogin working properly. We modified the port from 513 to
> > 543 and recompiled rlogin-gw. It isn't quite working yet, so I thought
> > I would pose the question to the net and see if it's already been done.
> > We suspect that the negotiation of rlogin (kerberized client to the
> > rlogind -k server) may be a cause of the problem. Anyone have any
> > ideas, or better yet a completed kerberized rlogin-gw ?
> > Any help would be appriciated. If we have to write the kerberized
> > rlogin-gw sources may be possible to be obtained. Is there any interest
> > or any ideas on this subject?
> > thanks
> > steve payne
> > DLA Systems Design Center
> > Office of Technology Infusion
> > 614-692-9991
> > home page
> > www.dsac.dla.mil