[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Create a canned "Firewall Build" or RFHH

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Create a canned "Firewall Build" or RFHH
From: "John R. S. Mascio" <mascio_(_at_)_ryu_(_dot_)_com>
Date: Mon, 25 Feb 2002 11:41:17 -0600
Organization: Ryu Enterprises
Reply-to: mascio_(_at_)_ryu_(_dot_)_com

Jatin Nansi wrote:

Hi,
What do you plan for the features to be included into this project? There are a lot of things that go into a commercial firewall, so r u planning something comparable, or something that is a packet filter and NAT (which OBSD with pf basically is). Atleast a list of all expected features will get people interested...

From my point of view:
   Required:
       Tight filtering
       with/without NAT
       with/without VPN pass through.  Either from inside or outside.
       Detailed logging
       Complete audit of file/directory permissions

Nice as an option: VPN server Mail server Research needed: VPN server Web w/ STATIC pages. No CGI.

   NO WAY:
       CGI
       general user logins

I would like to keep it fairly tight. But realizing that some smaller businesses may need a bit more, but encourage them to migrate those "non-firewall" services to a secured machine to keep the firewall as clean as possible.

JRSM

-- _ | John Raymond Stone Mascio _|_|_) | mascio_(_at_)_ryu_(_dot_)_com (_|_| | 214.725.7518 | 972.240.5040 -----------------------------------------------------------------

Follow-Ups:
- Re: Create a canned "Firewall Build" or RFHH
  - From: Alex Holst

Prev by Date: Re: pthread semaphores
Next by Date: Re: Create a canned "Firewall Build" or RFHH
Previous by thread: Re: Create a canned "Firewall Build" or RFHH
Next by thread: Re: Create a canned "Firewall Build" or RFHH
Index(es):
- Date
- Thread

Visit your host, monkey.org