SOCKS works great for applications that listen() behind the masq gateway,
such as ICQ, something that MASQ just can't do without extra configuration
(ala forwarding, which doesn't scale at all).
As far as a service like FTP that can use either, it's probably a matter
of policy. Do you want speed or logging? (unless you want to hack
the ip_masq_ftp module to do some logging). I tend to choose the former,
and thus use masq.
Sean
On Fri, 19 Feb 1999, kenneth topp wrote:
>
> Hello,
>
> I don't know if this is a sensitive subject, but I'm trying to implement
> security on the network, and I'm currently using a mix of socks5 and ip
> masq. Obviously socks will not work without sockified clients (under
> windows that isn't true, as they have a winsock plugin), but for the
> services that could use both socks or ipmasq, the question becomes which
> to chose. I've come up with some pros and cons, and i'm looking for
> peoples thoughts.
>
> socks (version5) pros:
> can use advanced authentication (login/kerberos) for access.
> more sophisticated logging.
> doesn't need dns resolution on the clients side.
>
> ipmasq pros:
> presumably more services supported (as clients don't have to be coded for it)
> done in the kernel so is faster?
> actively supported and promoted (NEC states they don't care much about
> the reference implementation).
>
> i would appreciate people adding to and challenging this list.. unless
> that this isn't the appropiate forum for this question.
>
> Thanks,
>
> Ken
>
>
>
> _______________________________________________
> Masq maillist - [EMAIL PROTECTED]
> http://tiffany.indyramp.com/mailman/listinfo/masq
> Admin requests can be handled by web (above) or [EMAIL PROTECTED]
>
-------------------------------------------------------------------
Sean Walberg <[EMAIL PROTECTED]> http://come.to/the_dark_side
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
