From owner-freebsd-security Fri Mar 22 04:55:08 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id EAA04344 for security-outgoing; Fri, 22 Mar 1996 04:55:08 -0800 (PST) Received: from burka.carrier.kiev.ua (root@burka.carrier.kiev.ua [193.125.68.131]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id EAA04211 for ; Fri, 22 Mar 1996 04:51:21 -0800 (PST) Received: from sivka.carrier.kiev.ua (root@sivka.carrier.kiev.ua [193.125.68.130]) by burka.carrier.kiev.ua (Sendmail 8.who.cares/5) with ESMTP id OAA16037 for ; Fri, 22 Mar 1996 14:52:50 +0200 Received: from elvisti.kiev.ua (uucp@localhost) by sivka.carrier.kiev.ua (Sendmail 8.who.cares/5) with UUCP id OAA14003 for security@freebsd.org; Fri, 22 Mar 1996 14:27:37 +0200 Received: from office.elvisti.kiev.ua (office.elvisti.kiev.ua [193.125.28.33]) by spider2.elvisti.kiev.ua (8.6.12/8.ElVisti) with ESMTP id KAA26121 for ; Fri, 22 Mar 1996 10:53:07 +0200 Received: (from stesin@localhost) by office.elvisti.kiev.ua (8.6.12/8.ElVisti) id KAA25918 for security@freebsd.org; Fri, 22 Mar 1996 10:53:05 +0200 Received: from spider2.elvisti.kiev.ua (spider2.elvisti.kiev.ua [193.125.28.35]) by office.elvisti.kiev.ua (8.6.12/8.ElVisti) with ESMTP id HAA19638 for ; Fri, 22 Mar 1996 07:19:22 +0200 Received: from sivka.UUCP (uuSEMEN@localhost) by spider2.elvisti.kiev.ua (8.6.12/8.ElVisti) with UUCP id HAA14160 for stesin@elvisti.kiev.ua; Fri, 22 Mar 1996 07:15:23 +0200 Received: from kiae.UUCP (uucp@localhost) by sivka.carrier.kiev.ua (Sendmail 8.who.cares/5) with UUCP id GAA27668 for stesin@elvisti.kiev.ua; Fri, 22 Mar 1996 06:02:52 +0200 Received: by sequent.KIAE.su (UUMAIL/2.0); Fri, 22 Mar 96 06:31:16 +0300 Received: by kremvax.demos.su (uumail v3.2.2/D) for stesin@elvisti.kiev.ua; Fri, 22 Mar 1996 06:19:46 +0300 Received: by kremvax.demos.su (8.6.12/D) from relay7.UU.NET [192.48.96.17] for with ESMTP id GAA08675; Fri, 22 Mar 1996 06:19:45 +0300 Received: from miles.greatcircle.com by relay7.UU.NET with ESMTP id QQaibt01721; Thu, 21 Mar 1996 22:15:34 -0500 (EST) Received: (majordom@localhost) by miles.greatcircle.com (8.7.1-lists/Lists-951222-1) id KAA11341 for firewalls-outgoing; Thu, 21 Mar 1996 10:28:54 -0800 (PST) Received: from selkirk.csrv.nidc.edu (selkirk.csrv.nidc.edu [192.133.128.10]) by miles.greatcircle.com (8.7.4/Miles-951221-1) with SMTP id KAA11328 for ; Thu, 21 Mar 1996 10:28:44 -0800 (PST) Received: by selkirk.csrv.nidc.edu (1.38.193.5/16.2) id AA23587; Thu, 21 Mar 1996 10:39:33 -0800 Date: Thu, 21 Mar 1996 10:39:33 -0800 (PST) From: "Mark E. Nottage" To: Firewalls-digest@GreatCircle.COM Subject: Proxy/Firewall Apps for FreeBSD? Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk How viable and potentially effective would it be to set up a firewall on a PC-clone running FreeBSD 2.1 ( will supposedly also run some SCO binaries with the iBCS2 libs ) ? Parameters: We have existing IPX networks in 3 remote offices of an organization. The proposal includes providing Internet connections for the "main office" and all remote offices ( to facilitate offices sharing data, _at least_ via email ). All offices already have a Netware based email product capable of sending encrypted email between offices ( now via asynch connections, but also capable of acting as SMTP gateways ). The primary constraint is that data from the internal networks is highly sensitive, and _must not_ be compromised. Other questions: 1) I know that FreeBSD v2.1 has IPFirewall code in the kernel; how effective is that code? Also, is there proxy software that shakes hands well with this IPFirewall code? 2) What Proxy and/or Firewall software, either commercial or freely distributed, will run on FreeBSD? 3) What questions haven't I asked that I need to ask? TIA +________________________________________________________________________+ | Mark E. Nottage | "Would you give a foot massage to a | | Equipment/Network Technician | man?!?" | | email: markn@nidc.edu | - Vincent Vega | +------------------------------------------------------------------------+