On 3 Nov 99, at 21:18, Arkady Yerukhimovich wrote:
> I need to set up a firewall on a network of about 15 pc's running
> Windows NT and 98. I need to set up an NT web and e-mail server
> on this network and protect the internal network from unwanted
> access. I have the Microsoft Proxy Server software and I was
> wondering if using it would be a good solution to my problem. I
> am just starting in the area of internet security and therefore
> any help and suggestions would be greatly appreciated.
>
> Thank you,
> Arkady Yerukhimovich
Proxy Server makes a decent proxy server (big surprise!) but it
needs both NT and IIS -- and it's improbable that it corrects all of
the security deficiencies of those products which were unknown when
Proxy Server was being written. It greivously violates the principle
-- nicely framed in the Bellovin & CHeswick book -- that a firewall
box should be running as little code as possible.
So while its packet filter is "better than nothing", it's not
enough better to really let you sleep well. You may, perhaps, want
to look at third-party solutions that run on NT, but my own
recommendation would be to look at a low-end[*] dedicated box (like
NetScreen) or, a Linux-based solution.
David G
[*] Hey, 15 PCs is a pretty small LAN....
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
