Date: Tue, 1 Jun 1999 15:24:57 -0500 (EST) From: Alfred Perlstein <bright@rush.net> To: Tenacious <tMind@bigfoot.com> Cc: "Scott I. Remick" <scott@computeralt.com>, Dan Nelson <dnelson@emsphone.com>, freebsd-questions@FreeBSD.ORG Subject: Re: ipfw vs. MS Proxy Message-ID: <Pine.BSF.3.96.990601152113.9491x-100000@cygnus.rush.net> In-Reply-To: <00e901beac5e$fe5c07a0$3c29a8c0@tci.rdo>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Jun 1999, Tenacious wrote: > > On Tue, 1 Jun 1999, Scott I. Remick wrote: > > > > > At 02:07 PM 6/1/1999 , you wrote: > > > This was my understanding as well. I've actually looked at squid. > > > > > > >Exactly what are the advertised features of MS Proxy, and what are the > > > >features you are looking for? > > > > > > They're looking at it from a security standpoint. Which I agree with > > > totally... I've always wanted a firewall. There never seems to be money > > > available for my FreeBSD projects, but if someone describes the same > need > > > using MS "solutions", then everyone gets excited :( > > > > I'm quite sure MS-proxy is the correct choice for you, it's VERY > > cool, it'll even proxy outside connections INTO your network! > > You need more hardware resources for MS-proxy than proxy for BSD. The above statement was sacasm directed at MS-proxy's "security". Search bugtraq. see: > > Do yourself a big favor and search bugtraq for this, supposeddly > > people were able to fool ms-proxy into making internal connections > > to proxied networks by spoofing proxy requests. > > > > > The idea is to do just what a firewall does: filter traffic between our > > > private network and the outside world. I'd like to see a FreeBSD box > with > > > 2 NICs dropped into place, running ipfw, to perform this task fairly > > > invisibly. They'd like to use MS solutions because "that's what we > sell" > > > and they don't like FreeBSD solutions because NOEKI (No One Else Knows > It) > > > except for me. Grrr. > > > > Buy them the Complete FreeBSD. Explain that you'll save them > > 2000$+cost of ms-proxy. IPFW syntax isn't that horrible to > > master. > > Don't forget the cost of NT Server. 2000$ == NT server. no? > > > I'm not totally up on either, but I've got some concerns that MS Proxy > is > > > even up for the task that they want to give it. Sure, it can proxy and > > > cache HTTP info and the like, but I don't think it's much of a > firewall... > > > am I correct? Hopefully someone can help me out here. > > > > Using MS products as a firewall solution is cool, because when > > you blue screen, you effectively completely firewall off your > > entire operation. > > Blue screen is part of the Windows. *nod* It'd be cool if you could customize the colors ala the Imac. :) -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990601152113.9491x-100000>