Date: Wed, 6 Dec 2000 08:10:15 -0600 From: "Jacques A. Vidrine" <n@nectar.com> To: Manfred Petz <pm@aber.warum.net> Cc: Alexander Gavrilov <agv@haba.uven.ru>, freebsd-security@FreeBSD.ORG Subject: Re: TIS Firewall Tookit Message-ID: <20001206081015.B61027@spawn.nectar.com> In-Reply-To: <Pine.LNX.4.04.10012061447230.20285-100000@saturn.innonet.at>; from pm@aber.warum.net on Wed, Dec 06, 2000 at 03:03:03PM %2B0100 References: <200012061332.eB6DWDl03448@haba.uven.ru> <Pine.LNX.4.04.10012061447230.20285-100000@saturn.innonet.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 06, 2000 at 03:03:03PM +0100, Manfred Petz wrote: > I've been using it for years and I regret it. I had to apply tons of > patches to fix various problems with http-gw and smap (3rd party relay). A > couple of times I even had to debug and fix problems by myself because > either there was no patch or I couldn't find out where to get a patch. YMMV. This toolkit is useful, but it _is_ a toolkit -- not a ready-to-run full-featured firewall. The included parts are all small and easily understood -- a huge bonus from the security point-of-view. [snip] > If you dont't want to or can't use SOCKS then for a proxy based firewall > you may take a look at delegate(1). I'm using it at one site (though I > don't have much experience with it). Neither SOCKS nor delegate are firewall software. The latter, in particular, is probably one of the least secure pieces of proxy software ever written. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001206081015.B61027>