You can configure your firewall to allow FTP connections through. However this
is generally considered a really bad thing to do for several reasons:
1. FTP passes passwords in clear text - anyone on the Mediaone segment can sniff
them out.
2. Piercing a firewall is generally just a bad idea. (But frequently done for
economic/sysadmin reasons).
3. wu-ftpd has been compromised so often due to programming bugs and poor/old
design that most people who care have lost count. Although most of the bugs have
been promptly fixed (of late), there's likely more.
A slightly better solution would be to have the web and ftp server on a separate
system inside the firewall, and have the firewall route traffic to/from the ftp
and http ports to those systems.
And an even better solution would be to use ssh to update the web pages. But
this can be an sysadmin headache if the user community doesn't understand public
key cryptography.
However, if you have the firewall only for masquerading, and you really don't
care about security, then you might as well put everything on the firewall box
(ftp, web, mail, ...) You'll need a moderatly powerful system to handle the
load, but those are relatively cheap... And you should advise your user
community that the site should not be considered secure.
--Bruce
Quoting Tom Laurie <[EMAIL PROTECTED]>:
> I am helping a school that has a Mediaone connection coming into a Linux
> box
> running IPChains with a NT network behind it. I want to know if I can
> do
> the following things and how to do them if I can.
>
> 1. Set up IPChains so that I can FTP to my apache directory from
> outside
> the network?
>
>
> 2. Allow e-mail from outside the network to be routed to a Novell
> Groupwise
> pop server inside the network?
>
>
>
> Thanks
> Tom Laurie
> NH Office of Emergency Management
> Systems Manager
> 603 223-3617
>
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
>
-------------------------------------------------
This mail sent through IMP: brucedawson.ne.mediaone.net
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
