Re: How To Set Up Mail-out-only System ?
On Tue, 2004-02-10 at 20:41, Nick Boyce wrote: Sorry if this is a dumb question ... I've just set up a secure (you know .. more than usual) Debian system, and want to arrange things so that it can send mail out when necessary (in case anything happens that it thinks I should know about) but is *not* constantly listening for incoming mail. Is there a best way of doing this ? You might want to check out ssmtp. ...Murray -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How To Set Up Mail-out-only System ?
On Tue, 2004-02-10 at 20:41, Nick Boyce wrote: Sorry if this is a dumb question ... I've just set up a secure (you know .. more than usual) Debian system, and want to arrange things so that it can send mail out when necessary (in case anything happens that it thinks I should know about) but is *not* constantly listening for incoming mail. Is there a best way of doing this ? You might want to check out ssmtp. ...Murray
Re: Need recomendations for https proxy that serves as a firewall proxy
On Wed, 2003-12-31 at 11:01, Bernd Eckenfels wrote: [...] Unfortunatelly there are not much free HTTP Application Level Gateways (reverse proxies) out there which do good filtering. (And I am not sure if there are non-free which are good, either:). Some are listed on: http://www.freefire.org/tools/index.en.php3 [...] For a simple reverse proxy (with load balancing), try pound. From the webpage [http://www.apsis.ch/pound/]: The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away. Last I looked, pound was available as a debian package in sid. However, for virtual hosting across multiple back-end machines with authentication at the firewall, I found apache2 + mod_ssl + mod_proxy more suitable. Moreover, pound does not provide caching for acceleration, nor ssl on the back channel. ...Murray -- Murray J. Brown, Director, Information Security Consulting Witstone Counterworks inc. and Trusted By Design inc. Director Global Investor, The Hunger Project in Canada Unleashing the Human Spirit for the end of World Hunger. [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Need recomendations for https proxy that serves as a firewall proxy
On Wed, 2003-12-31 at 13:17, Bernd Eckenfels wrote: In article [EMAIL PROTECTED] you wrote: However, for virtual hosting across multiple back-end machines with authentication at the firewall, I found apache2 + mod_ssl + mod_proxy more suitable. Moreover, pound does not provide caching for acceleration, nor ssl on the back channel. The question is, if if does protocol level filtering. If not, you can use any form of socket redirects. I believe pound does protocol level filtering for http 1.1 with webdav extensions. AFAIK, the apache2 solution does no protocol filtering, yet it does offer an alternative to the noted limitations of pound. Whilst I agree that running apache2 on a bastion is less than ideal and I'd prefer a protocol filter, I was unable to find a solution that satisfied my other requirements (notably authentication) otherwise. -- Murray J. Brown, Director, Information Security Consulting Witstone Counterworks inc. and Trusted By Design inc. Director Global Investor, The Hunger Project in Canada Unleashing the Human Spirit for the end of World Hunger. [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Need recomendations for https proxy that serves as a firewall proxy
On Wed, 2003-12-31 at 11:01, Bernd Eckenfels wrote: [...] Unfortunatelly there are not much free HTTP Application Level Gateways (reverse proxies) out there which do good filtering. (And I am not sure if there are non-free which are good, either:). Some are listed on: http://www.freefire.org/tools/index.en.php3 [...] For a simple reverse proxy (with load balancing), try pound. From the webpage [http://www.apsis.ch/pound/]: The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away. Last I looked, pound was available as a debian package in sid. However, for virtual hosting across multiple back-end machines with authentication at the firewall, I found apache2 + mod_ssl + mod_proxy more suitable. Moreover, pound does not provide caching for acceleration, nor ssl on the back channel. ...Murray -- Murray J. Brown, Director, Information Security Consulting Witstone Counterworks inc. and Trusted By Design inc. Director Global Investor, The Hunger Project in Canada Unleashing the Human Spirit for the end of World Hunger. [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: Need recomendations for https proxy that serves as a firewall proxy
On Wed, 2003-12-31 at 13:17, Bernd Eckenfels wrote: In article [EMAIL PROTECTED] you wrote: However, for virtual hosting across multiple back-end machines with authentication at the firewall, I found apache2 + mod_ssl + mod_proxy more suitable. Moreover, pound does not provide caching for acceleration, nor ssl on the back channel. The question is, if if does protocol level filtering. If not, you can use any form of socket redirects. I believe pound does protocol level filtering for http 1.1 with webdav extensions. AFAIK, the apache2 solution does no protocol filtering, yet it does offer an alternative to the noted limitations of pound. Whilst I agree that running apache2 on a bastion is less than ideal and I'd prefer a protocol filter, I was unable to find a solution that satisfied my other requirements (notably authentication) otherwise. -- Murray J. Brown, Director, Information Security Consulting Witstone Counterworks inc. and Trusted By Design inc. Director Global Investor, The Hunger Project in Canada Unleashing the Human Spirit for the end of World Hunger. [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]