Firewalls: Re: TIS FWtk + netscape

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: TIS FWtk + netscape
From:	Todd Graham Lewis <lists @ reflections . mindspring . com>
Date:	Fri, 17 Jan 1997 19:00:55 -0500 (EST)
To:	"D. Todd Meckenstock" <toddmeck @ onramp . net>
Cc:	Firewalls Mailing List <firewalls @ GreatCircle . COM>
In-reply-to:	<199701151508 . JAA02295 @ gatekeeper . paymentech . com>

On Wed, 15 Jan 1997, D. Todd Meckenstock wrote:

> If your are using your web browser to do things like ftp://domain.com/pub,
> this is actually implemented over the http protocol as an anonymous login
> and does not use the ftp-proxy at all. If you need username/password
> sign-on to ftp sites, you have to implement the ftp proxy.

This is not actually true.  Yes, your browser forwards the request to your
proxy over port 80, but you can pass username and password information.
The usual convention (and this is probably the standard for these URLs
rather than merely a convention, but that's a guess) is:

ftp://username:password @
 host/path/file

You can pass this to Squid and it will merrily fetch objects for you all
day long.  Your life will probably be easier, however, if you just put
ftp-gw on your firewall and give ws-ftp to all of your users.

Placing a login on your firewall for this purpose is dangerous, and I
advise against it.

__
Todd Graham Lewis             Linux!                 Core Engineering
Mindspring Enterprises  tlewis @
 mindspring .
 com   (800) 719 4664, x2804

References:

Re: TIS FWtk + netscape
From: "D. Todd Meckenstock" <toddmeck @ onramp . net>

Indexed By Date	Previous:	Virus check behind the FW.... From: "Cihan Subasi (Garanti Tic)" <CihanS @ garanti . com . tr>
Indexed By Date	Next:	RE NT or UNIX From: Russ <Russ . Cooper @ RC . on . ca>
Indexed By Thread	Previous:	Re: TIS FWtk + netscape From: ArkanoiD <ark @ paranoid . convey . ru>
Indexed By Thread	Next:	NEC's PrivateNet Firewall From: Bob Russell <caeits @ compusmart . ab . ca>