samba-ntdom digest, Vol 1 #233 - 29 msgs

Hazen Valliant-Saunders hazen at potentia.ca
Fri Jan 5 18:00:44 GMT 2001


Helo evryone <-Remember telneting to 25 to write nice little msg's?

	Puns aside, Why use a proxy when you have a linux box.  Here is probably
the best guide i've ever seen on the topic of firewalling and security (that
is if you are using red hat) but the firewall in there can be applied to
anywhere or any form of linux (ipchains and ipfwadm dependant)
but makes so close to bullet proof (won't even reply to pings  ie:
unauthorized icmp is filtered udp is completly filtered, tcp is rock solid)
this in conjunction with a hardner or two (nice scripts ) make for a pretty
damn near impossible to hack or "bullet proof" box

here is the link (hope you have brodband!)
http://www.linuxdoc.org/LDP/gawlso/Securing-Optimizing-Linux-RH-Edition-1_3.
pdf (5.3 Mb in size)
full of useful information
in conjunction with a couple of security howto's
(insecure.org, bugtraq.org, syssecurity.org etc etc etc)
you will have a dream gateway that nat's and hides your entire network
behind what appears to be a keyhole that only allwos light to go in one
direction (you can look out but no one can look in!)

	The reason behind all this is i find a lot of people don't put effort into
securing their boxes and get hacked as a result.

-----Original Message-----
From: samba-ntdom-admin at us5.samba.org
[mailto:samba-ntdom-admin at us5.samba.org]On Behalf Of
Graeme.Vetterlein at ntl.com
Sent: Friday, January 05, 2001 6:00 AM
To: samba-ntdom at us5.samba.org
Subject: RE: samba-ntdom digest, Vol 1 #233 - 29 msgs


Nt running a proxy server for what service?

My guess is you mean a HTTPD proxy. This means you DO NOT HAVE ACCESS TO THE
INTENET
you only have access to one protocol (maybe two or three if it supports say
FTP etc)

A better way around to do it would be have the Linux box run ipchains and
have the
NT box go out via that. This would give you full access. (this is what I do
.. acts as firewall)

As to what you want to do with your current setup:

	- Do you want to run a browser on the Linux box that uses the NT box
to 'get to' the
	    internet.

		In this case just set the linux proxy values to point at the
NT proxy

	- Do you want to run another proxy (httpd) on Linux?

		In this case configure httpd to point at the NT proxy.


	If you want to do much else:

		- Direct e-mail (ie not using MS-exchange)
		- samba
		- NFS
		- ping
		- telnet
		...

	You can't do it, unless you run a proxy for that protocol on the NT
box.

> Message: 8
> From: "Rob Marsiglia" <litlrob at home.com>
> To: <samba-ntdom at lists.samba.org>
> Subject: USING WIN NT SERVER WITH PROXY SERVER
> Date: Tue, 2 Jan 2001 20:43:53 -0500
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0018_01C074FC.B83D9C80
> Content-Type: text/plain;
> 	charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> I have a Nt server running proxy server and need to setup
> redhat to use =
> the internet through the NT proxy server, I know samba doesnt
> do it, but =
> what will?  I havent found a resource to do it yet...anyone run into =
> this problem and have a resolution?
>






More information about the samba-ntdom mailing list