Firewall Wizards mailing list archives

Re: Reverse Proxying of FTP?

From: Adam Shostack <adam () weathership homeport org>
Date: Wed, 2 Sep 1998 11:03:47 -0400

IP addresses are spoofable, and should not be used for security.

If you plan to do this anyway, their firewall should be able to filter 
such that only your IP address can reach their FTP server.  In
addition, you may want to use tcpd or something to control access a
second time.

Adam


On Tue, Sep 01, 1998 at 11:11:01AM -0700, Firewalls wrote:
| Hi folks,
| 
| We are looking for a simple solution to allow internet users to access
| an FTP server on one of our
| customers' internal networks. For obvious reasons they would prefer not
| to allow direct access to
| their FTP server. 
| 
| I'm looking for a moderately simple, and sercure mechanism such that
| their FTP server would only
| have to talk to one IP address (that of our FTP proxy).
| 
| Any suggestions?
| 
| 
| TIA,
| Lance

Current thread:

Reverse Proxying of FTP? Firewalls (Sep 01)
- Re: Reverse Proxying of FTP? Adam Shostack (Sep 02)
- Re: Reverse Proxying of FTP? Stephen P. Berry (Sep 02)