Re: Proxy Firewalls (was FWTK vs T.REX)

[Matthew Kirkwood <matthew () hairy beasts org>]

On Thu, 30 Jan 2003, Javier Perez wrote:

> there are opinions against T.REX and it seems that
> people like Zorp. are there any other interesting
> options around? I would like to know what kind of
> proxies is people using in the real world (apart from
> gauntlet and raptor), specially the free ones.. is
> people still using FWTK or is already obsolete?

I wrote some infrastructure and a few paranoid proxies
a while ago and released it all under the GPL, but it
never got very complete: http://hairy.beasts.org/fk/

I wrote some short ramblings about the other proxy
kits out there: http://hairy.beasts.org/fk/competition.html
I don't mention Zorp, because I never got around to
playing with it, but I really like its approach.

> A second thing is if those products support ssh
> authentication in the proxy (through something like
> tn-gw-nav for FWTK), which I need.

It's not too hard to knock up a small script to use
as a user's shell.  chrooting users (which is possible
with PAM) into a read-only filesystem helps me to
sleep at night.

Matthew.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards