From owner-freebsd-security Fri Dec 8 11: 9:23 2000 From owner-freebsd-security@FreeBSD.ORG Fri Dec 8 11:09:20 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from smtp.nettoll.com (unknown [212.155.143.61]) by hub.freebsd.org (Postfix) with ESMTP id A8BAE37B400 for ; Fri, 8 Dec 2000 11:09:19 -0800 (PST) Received: by smtp.nettoll.com; Fri, 8 Dec 2000 20:03:41 +0100 (MET) Message-Id: <4.3.0.20001208200512.0577a150@pop.free.fr> X-Sender: usebsd@pop.free.fr X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Fri, 08 Dec 2000 20:10:00 +0100 To: Manfred Petz , "Jacques A. Vidrine" From: mouss Subject: Re: TIS Firewall Tookit Cc: Alexander Gavrilov , freebsd-security@FreeBSD.ORG In-Reply-To: References: <20001206081015.B61027@spawn.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 15:50 06/12/00 +0100, Manfred Petz wrote: >On Wed, 6 Dec 2000, Jacques A. Vidrine wrote: > >| Neither SOCKS nor delegate are firewall software. The latter, in >| particular, is probably one of the least secure pieces of proxy software >| ever written. > >Accepted. Do you know a (free) alternative to FWTK which is comparable in >terms of ease of use, straightforward source and which implements similar >functionality (e.g. the permit/deny rules in netperm-table)? the plug-gw, from the FWTK, is just far better than delegate! don't let htto-gw and smap descrepancies make you conclude that the whole thing is to throw away... for smtp, smap approach breaks much things, and your best way is to use a secure server instead. you can then put a plug-gw to only accept mail that goes through this server... cheers, mouss To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message