Firewalls: Re: lpr/lpd and firewall

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: lpr/lpd and firewall
From:	"Adrian F. Setton" <asetton @ lightech . com . ar>
Organization:	LighTech
Date:	Sun, 16 Feb 1997 14:39:38 +0300
To:	Firewalls @ GreatCircle . COM
Reply-to:	asetton @ lightech . com . ar

The best solution that we've crafted (and with wich we are satisfied)
is:
* Packet filtering on the proper tcp port & machine pairs.
* Encryption in order to avoid sniffing. In order to do this we are
  using lpr/lpd for executing commands. So we have multiple queues
  defined. First of all an encryption queue in the same network of the
  lpr client. Then a decryption queue in the same network of the lpd
  server. And finally a printing queue at the lpd server.
  Our packet filters only allow communications between the encryption
  machine and the decryption machine (in some cases the decryption
  machine is the same as the lpd machine).
It works fine, and we feel pretty comfortable with the security (we
are using PGP for encryption and authentication).
This solution is now being used by one of our customers in order to
print across the Internet worldwide.
Any comment will be welcomed.
--
Adrian F. Setton
LighTech                        Voice:  (54-1) 373-1141
Ayacucho 563. Piso 13 Of. "A"   FAX:    (54-1) 373-1215
Buenos Aires                    e-mail: asetton @
 lightech .
 com .
 ar
Argentina                       URL:    http://www.lightech.com.ar

Indexed By Date	Previous:	RE: Limiting "Simultaneous" Logins through Fwall From: Gene Lee <genel @ inforamp . net>
Indexed By Date	Next:	Re: lpr/lpd and firewall From: Benedikt Stockebrand <benedikt @ devnull . ruhr . de>
Indexed By Thread	Previous:	Re: lpr/lpd and firewall From: Benedikt Stockebrand <benedikt @ devnull . ruhr . de>
Indexed By Thread	Next:	Guardian questions From: Bill Powers <powersw @ magic . bunt . com>