On Sat, 17 Jan 1998 daemond @
ibm .
net wrote:
* ->
* ->
* ->On Sat, 17 Jan 1998, David A. Baldwin wrote:
* ->
* ->* ->Why don't you simply recommend that they purchase 1 commercial firewall,
* ->* ->and set up the telnet, ftp, http, and smtp proxies? If you want packet
* ->* ->filtering and the company has a T1, then they probably have a Cisco or a
* ->* ->Bay router and you can packet filter with that if you want an additional
* ->* ->level of filtering.
* ->
* ->If only it were that simple. These admins already rejected an original idea
* ->of mine using a proxy server and filtering. BTW- They are using a CISCO
* ->right now, but I'm not sure if they even know how to enable its filtering
* ->cabalities (bad thing). If they do then they're careless since no filtering
* ->rules appear to be in place (courtesy of a SATAN and Strobe scan). L8r.
Actually I should be more specific in saying why they rejected the proxy
server/packet filter idea. Reason: they said that the proxy server would
need more horse power than they could afford. One question: how much horse
power does a system need to have to support 100-150 nodes connected to a T-1
using something like Gauntlet (or more to the point: what's a typical
system configuration for something running Gauntlet, Firewall-1, etc?)?
L8r.
-----------------------------------------------------------------------------
Geoff Gowey | NetBSD: the best multi-platform OS
daemond(at)ibm.net | www.netbsd.org
*****************************************************************************
Spammers beware: I do not buy from companies that spam and I keep track!
Above policy STRICTLY ENFORCED!
*****************************************************************************
"All I ask is for the chance to prove that money can't buy me happiness"
or more simply put "SHOW ME THE MONEY!!!"
References:
|
|
