Need some firewall wisdom.

John M. Morris jmorris at dtx.net
Fri Jul 24 07:29:32 EDT 1998


On Fri, 24 Jul 1998, Brian K. Snapp wrote:

> However, some firewalls use Network Address Translation (NAT) to hide
> that IP address to the outside world.
> Some also act as an application proxy.  Does anyone know how these two
> scenarios effect 3rd party services and whether or not there are ways
> around these problems should they exist?

Well I dunno how NewToy deals with those issues, but if you dig yourself
out an old 486 box and stick Linux on it it can easily handle the job.
Put your internal hosts on a 'fake' network and have all traffic appear to
be issuing from the single real IP on your firewall/proxy box.  This way
the databases work just regardless of what is going on behind the
firewall.

If you are fairly new to the inner workings of networking you might find a
local propellerhead to help out with configuring the firewall since
security is not always the best place for on the job training.  Even if
you hire the whole job done you would probably come out cheaper than even
just the price on the firewall package and have a box you have complete
control over and can quickly get patches for as new exploits appear.  In
time you will figure out what's going on in the config files and start
thinking up all sorts of new uses/features you can provide.

I have never before seen anything so seamless for upgrades!  All you do is
subscribe to the mailing list and when a upgraded package is announced a
command line will be shown in the mailing which you just cut/paste into a
telnet session connected to the machine to be upgraded which contains a
ftp URL on it.  The system then does the work of retrieving the upgraded
software installing it.

John M.      http://www.dtx.net/~jmorris         This post is 100% M$ Free!
Geek code 3.0:GCS C+++ UL++++$ P+++ L+++ W+ N++ w-- Y+ 5+++ R tv- b++ e* r%
===========================================================================
The views expressed certainly don't reflect those of CCC Internet Services.



More information about the Web4lib mailing list