From owner-freebsd-security Fri Mar 20 09:11:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA02545 for freebsd-security-outgoing; Fri, 20 Mar 1998 09:11:47 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.webspan.net (root@mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA02526 for ; Fri, 20 Mar 1998 09:11:38 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id MAA22390; Fri, 20 Mar 1998 12:08:39 -0500 (EST) Date: Fri, 20 Mar 1998 12:11:30 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: Bryan Swann cc: Graphic Rezidew , freebsd-security@FreeBSD.ORG Subject: Re: I need some proxies! :) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk On Fri, 20 Mar 1998, Bryan Swann wrote: > In case you didm't see my last post, there are valid reasons for having a > seperate web proxy server. A web proxy like SQUID not only serves as a > proxy, it caches the web data. When SQUID already has a web page in > cache, there is no need fot it to go out on the Internat to get it. This > can greatly reduce the amount of traffic going through the firewall. Yes i have used squid before, but I need not JUST web proxy services :) I was going to try and get them more than just mail and web service. But since there not willing to spend much my generosity over what their willing to pay for and what they COULD use is falling rapidly. So I think im just going to stick to mail and web/ftp since SQUID does FTP traffic as well. The rest they can pay me for when they get tired of not having it :) > A second reason for a seperate web proxy is to reduce the processing the > firewall has to perform. The firewall could simply use a packet screen > rule, instead of a proxy, to only allow the REAL proxy server external > access. The packet screen requires less processing than the proxy. Yeah squid is really great. Its an eye opern for users when they use it. but to keep them configured to use it with netscape or IE, etc.. gets tedious sometimes, but thats their local admins problem not mine. > I'm currently aiding a group in developing a parallel firewall solution. > This design will include an internal web proxy/cache server. You know, im not sure what platform your using, but I've been thinking of starting a FreeBSD consultants mailing list. A closed moderated list for all of us FreeBSD consultants to exchange ideas and help each other out. Since posting to -hackers is not quite the exact narrow audience I shoot for sometimes. It's a great list! dont get me wrong. It's just sometimes you want to get to the people who do exactly what you do, and apply it the same way. Not to mention there would be alot more information you could dish out to a closed list about who/where/pricing etc.. when talking about a certain client. Just an idea I have been kicking around. -- "I am closed minded. It keeps the rain out." ===================================| Open Systems Networking And Consulting. FreeBSD 2.2.5 is available now! | Phone: 316-326-6800 -----------------------------------| 1402 N. Washington, Wellington, KS-67152 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting-Network Engineering-Security ===================================| http://open-systems.net -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQENAzPemUsAAAEH/06iF0BU8pMtdLJrxp/lLk3vg9QJCHajsd25gYtR8X1Px1Te gWU0C4EwMh4seDIgK9bzFmjjlZOEgS9zEgia28xDgeluQjuuMyUFJ58MzRlC2ONC foYIZsFyIqdjEOCBdfhH5bmgB5/+L5bjDK6lNdqD8OAhtC4Xnc1UxAKq3oUgVD/Z d5UJXU2xm+f08WwGZIUcbGcaonRC/6Z/5o8YpLVBpcFeLtKW5WwGhEMxl9WDZ3Kb NZH6bx15WiB2Q/gZQib3ZXhe1xEgRP+p6BnvF364I/To9kMduHpJKU97PH3dU7Mv CXk2NG3rtOgLTEwLyvtBPqLnbx35E0JnZc0k5YkABRO0JU9wZW4gU3lzdGVtcyA8 b3BzeXNAb3Blbi1zeXN0ZW1zLm5ldD4= =BBjp -----END PGP PUBLIC KEY BLOCK----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message