>just lost the high level of security. Whoever wrote the original plug-gw
>started a downward trend in security that's rapidly becomming the
>default.
I take the blame for that, too. :)
Proxy #0 was sendmail (!) :) -- it was the sendmail configuration
on a box named "decuac.dec.com" that kind of triggered the
whole proxy idea... It was all Fred Avolio's fault.
Proxy #0.5 was DNS -- Vixie used filtering to let his through but
I realized "hey, I can do this without letting packets back
and forth..."
Proxy #1 was ftpxd (an FTP proxy)
Proxy #2 was telnetxd (a Telnet proxy)
Proxy #4 was nntpxd (a plugboard proxy) -- I posted source for it to
firewalls@greatcircle a couple weeks after the mailing list
started up. Back when there were something like 200 list members.
I did a posting (in Postscript) about day #2 of the list,
describing the whole architecture.
Anyhow, plug-gw was a feature of firewall toolkit. Between DEC SEAL
and fwtk, a couple of other vendors wrote their own covers of
SEAL, and they also had plugboard proxies (like nntpxd) -- ANS
and Raptor.
Plugboard security didn't really become the rage until Checkpoint
came out, a couple of years later, though arguably Cisco routers
had it all along. ;)
mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
