On Mon, 23 Oct 2000, chesty wrote:
> So far I've looked at TIS firewall toolkit, but its not ideal, out of the
> box you have to use xhost to allow the firewall to connect to your X terminal,
> telnet to the firewall, login to the firewall, start the X proxy, telnet to
> the remote box, login to the remote box, set your display then start your X
> applications. Its clunky and not very secure (xhost and telnet), which
> defeats the whole purpose of putting a firewall in.
No, please... ;-)
SSH has X-proxying inbuilt. It is authenticated and encrypted - very
secure.
> The alternative is a commercial firewall, which some people are pushing for
> anyway. I'm hoping to get something up and running using linux, then let
> them decide if they still want to go with commercial firewall, or stay with
Thinking of a red box (WatchguardII)? Well guess what, it is just a linux
box inside (actually dual linux box if my memory serves me correctly). So
really with a bit of work you can do the same on your PC - just as
good. But really, the tricky bit is to get the rules in there (and
correct rules at that). You will find that the example in the ipchains
howto is not really a good example even though it gets you started.
tom.
Consultant
AUSSEC Phone: 61 4 1768 2202
339 Blaxland Rd., Ryde NSW 2112
Email: [EMAIL PROTECTED]
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
