The situation is seemingly hopeless:) http-gw provides no authentication. I mean, "no", 'n' and 'o'. The Gauntlet comes with "ahttp", an http proxy just for authentication, and a one that calls http-gw for the rest. squid provides authentication, but I won't run it on a FW. The fact that it provides that nice thing called caching just means it was written for something elese than security. so until audited, proved, ..., I won't run it on a FW. I guess these gentlemen are suggesting using squid on an internal machine... cheers, mouss At 14:39 24/03/01 +0100, Magic Phibo wrote: >n Sat, 24 Mar 2001, Truman Boyes wrote: > >any reason you choose http-gw over squid ? > >You could do authentication thru squid (ncsa-auth) and then forward the >requests >to http-gw. You still benefit of the caching feature of squid and improve >security by content filtering of the http-gw (activeX and so on..). Have a >look >at the readme/faq of squid. It is well described how to do this. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
