Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1997

NFR Wizards Archive: Here is my plan for firewall implementation

Here is my plan for firewall implementation

Jim Raykowski (jimrskicts.com)
Fri, 19 Sep 1997 19:30:40 -0700

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Andrew M Forster: "Filtering on 3Com Switch"
Previous message: Adam Shostack: "Re: SSL proxy info"
Next in thread: Marcus J. Ranum: "Re: Here is my plan for firewall implementation"
Reply: Marcus J. Ranum: "Re: Here is my plan for firewall implementation"
Reply: Craig Brozefsky: "Re: Here is my plan for firewall implementation"
Maybe reply: See, Matthew: "Re: Here is my plan for firewall implementation"
Maybe reply: Peter Jeremy: "Re: Here is my plan for firewall implementation"
Maybe reply: Tong, Aaron: "RE: Here is my plan for firewall implementation"
Maybe reply: Jim Raykowski: "RE: Here is my plan for firewall implementation"

Hello All,
  Here is my plan for implementating a firewall at my site and I would like
to hear some comments on the goods and bads.
  Here are the systems to be protected as we speak. 1 Novell 3.12 file
server, 1 NT 4.0 Server running as a PDC and MS Exchange Server, 1 NT 4.0
Server running as BDC. 85 Windows for Workgroups 3.X workstations running
MS Office Professional 4.3, MS Exchange for both internal and internet
e-mail supporting 160 users.
  My plan is to build a Pentium 133 with 32 MB RAM with 540 MB Hard Drive
running Linux Slackware using kernel 2.0.30 and TIS Firewall Toolkit 2.0.
I plan to use the SMTP, HTTP, TELNET, and FTP proxies from the FWTK and set
up a fake DNS on this machine.
  I will build another Linux computer to act as the internal DNS that will
forward all queries it cannot answer to the firewall and then forward
answers back to the systems that asked. It will also be my network
monitoring station and the station the I xfer all update to my external web
and ftp servers.
  My default policy will be to deny all unless otherwise permitted. I am
trying to protect the information as we deal with government contracts but
still need access to the internet to look up data and exchange information
with other contractors.
Thanks,

Jim Raykowski
San Diego, CA
jimrskicts.com

Next message: Andrew M Forster: "Filtering on 3Com Switch"
Previous message: Adam Shostack: "Re: SSL proxy info"
Next in thread: Marcus J. Ranum: "Re: Here is my plan for firewall implementation"
Reply: Marcus J. Ranum: "Re: Here is my plan for firewall implementation"
Reply: Craig Brozefsky: "Re: Here is my plan for firewall implementation"
Maybe reply: See, Matthew: "Re: Here is my plan for firewall implementation"
Maybe reply: Peter Jeremy: "Re: Here is my plan for firewall implementation"
Maybe reply: Tong, Aaron: "RE: Here is my plan for firewall implementation"
Maybe reply: Jim Raykowski: "RE: Here is my plan for firewall implementation"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:58 CDT