From: Gelb, Ed
To: Jeffry Tank
Subject: RE: IP/IPX gateways
Date: Wednesday, March 13, 1996 10:32EDT
Jeffry,
Let me establish a basis before I answer your question>>>>
First the Lan connected to the Internet is a Novell 3.12 or Novell 4.1x+.
Second you must feel confident that your login and password authorities to
the server connected to the internet is SECURE and CANNOT be breached.
Now let us assume that you have a Novell connected to Internet with two
adapter cards... one card is not doing the work of TCP/IP and IPX...
Let me assume that the IPX bound card is to your intracompany LAN or WAN
environment and that the IP card is to the internet.
Let me also assume that you are running WWW , FTP and SMTP daemons on the
internet server.
Then you CAN create a inpenetratable system .. where internet people can use
your WWW and FTP servers and your internal people can use the SMTP services.
IP tunneling is a NO NO to the IPX card. Refer to your Novell manuals on
the packet typology for IP and non-IP packets and you will see the
differences in the information send by these two packets.
Regards,
Ed
----------
From: Jeffry Tank
To: firewalls
Subject: IP/IPX gateways
Date: Wednesday, March 13, 1996 09:51EDT
Can anyone tell me if it true that by putting an IP/IPX gateway between your
internal IPX lan and your internet server, you can prevent _all_ attacks to
your system from the outside (the internet)? Seem too simple to me, but some
folks at my company insist that this is true. What about IPX packets
wrapped in an IP layer? (assuming this can be done) Then when the IP layer
is stripped off at the gateway couldn't the IPX parkets contain info to
inflict damage to the internal network, at say the Novell server?
TIA
Jeff
|
|
