[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IP masquerading as firewall???
masqing is an overkill. its very complicated to ALLOW external access to
masqaraded hosts. (requires awkward port forwarding).
if you DO want to give certain hosts on the 192.168 network access from
the outside
consider using a packet filtering firewall or some other form on
non-masq server.
otherwise, masqing is a solid brick wall (so long as you keep the
masqing machine secure of course)
OR you can do a little bit of both by doing masqarading with real
addresses
(I think some win32 app called it Network Address Translation)
> Ze'ev Maor wrote:
>
> Is IP masqueradind with private IP numbers+ipfwadm (e.g.
> 192.168.xxx.xxx) for the internal LAN a good enough solution for a
> firewall. What are the benefits of using other solutions such as
> Socks/TIS?
--
<-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=>
\ Miki Shapiro <Aris> Professional Computer Junkie \
\ \
\ Home # - 04-8321105 ICQ UIN - 4122707 \
\ Cell # - 051-500983 IRC - Aris@EFnet \
/ /
/ "To err is human. To really fuck up you need the root password" /
<-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=>