[OT]: Invisible firewalls (was Re: [Gllug] Opinions on Smoothwall and other firewalls)
tet at accucard.com
tet at accucard.com
Fri Oct 12 09:36:06 UTC 2001
>Okay, I see that if someone did something that pathologically daft
>like that they'd be in for a whole world of pain, but why do they need
>2 invisible firewalls? Surely the idea is that they sit on the
>periphery of the network and just watch the traffic entering and
>exiting the private network?
>From memory, one was a firewall, and one was a filtering web proxy.
>I'm staggered. Didn't whoever it was that set up the invisible
>firewalls test the config without using the "fastroute" option?
You'd have thought so. But apparently not. FWIW, the systems weren't
using IPF, but the same principle applies.
>Or did the network topology change unexpectedly?
No, but the fact that it may do at some point in the future is reason
enough not to want such a setup. More to the point, there is no real
legitimate reason why you would *want* either of those devices to be
transparent in the first place.
Tet
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list