NFS and NetBIOS are both unreliable protocols, and they don't explicitly ask for a username/password. Sharing a filesystem using NFS and NetBIOS over a long-distance network, such as the Internet, is not a good idea: not only is it bad for security reasons, but they are unreliable and cause trouble for both client and server, due to slow links.

If your untrusted NT is a remote machine on the Internet and if you really do not to access above protocols, consider using SecuRemote (VPN); for that you need an encryption license for the Firewall if you don't already have it. That way you force users to authenticate to the Firewall first before using any such resources protected by the Firewall.

If you already know the IP addresses of the NT machines, you can further restrict access based on IP address as well.
On a separate note, on the UNIX server you might want to use some kind of TCP wrapper (such as the tcpwrapper program, xinetd instead of inetd, etc.) to restrict access on the machine itself.

Rajeev
 

[EMAIL PROTECTED] wrote:

I had a dream:

I have untrusted NT boxes that have (business requirement) to access shared
files on a Unix server placed in a DMZ behind a FW-1 (v4.1).
The 2 protocols that are possibly used are NFS or NetBIOS (SMB).
Is there a way for FW-1 to "secure" the access to my Unix box (I am thinking
about authentication or anything that can help)?

Any idea is welcome.
Thanx,

Yannick Antoine
Network Security Engineer
Clearstream Services
mailto:[EMAIL PROTECTED]

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

-- 
********************************************************************
        Rajeev Kumar ([EMAIL PROTECTED])
                http://www.rajeevnet.com
********************************************************************
 


