85
Chapter 13
13.
Managing NNTP and General TCP Services
Usenet news continues to be one of the most widely used features on the Internet. Many
sites rely on Usenet news for information on the latest technology. Although the Network
News Transfer Protocol (NNTP) does little in comparison to other network protocols,
you must configure it carefully to protect internal news groups that may contain
sensitive proprietary information.
The plug proxy included with the Gauntlet firewall allows administrators to tunnel
NNTP-based news feeds through their firewall. The NNTP connections come from
known sites (as opposed to the multitude of sites that may connect via SMTP to deliver
mail). NNTP is also a very straightforward protocol. For these reasons, it can be proxied
using the generic plug proxy.
Other common programs, such as whois and webster, run over TCP. You can also tunnel
these services through the firewall with the plug proxy.
Many sites also rely on applications such as America Online, CompuServe and Lotus
Notes. Each of these services uses a proprietary protocol, which could require a
multitude of application-specific proxies. Instead, administrators can use the plug proxy
to tunnel these through the firewall.
Warning:
The consequences of allowing proprietary protocols through your
firewall are not well known. Because the protocols are proprietary, the firewall and the
proxy have no idea what sorts of data or requests the applications are sending. Nor can
there be any idea how safe the actual application is. Do not use the plug proxy for
proprietary protocols without first performing a risk assessment.
The plug proxy does not support UDP-based services. UDP is not a connection oriented
protocol. Because there is no connection, there are no sequence numbers. This makes it
much easier for someone to create a UDP packet that appears valid but contains
fabricated source and destination information.
This chapter explains the concepts behind the plug proxy and how it works, how to
configure the proxy for NNTP news and other services, and how to configure these
services to run through the firewall.
Содержание Gauntlet
Страница 1: ...Gauntlet for IRIX Administrator s Guide Document Number 007 2826 004 ...
Страница 16: ......
Страница 26: ......
Страница 27: ...PART ONE Understanding the Gauntlet Internet Firewall I ...
Страница 28: ......
Страница 43: ...PART TWO Configuring and Using Proxies II ...
Страница 44: ......
Страница 50: ......
Страница 56: ......
Страница 64: ......
Страница 72: ......
Страница 94: ......
Страница 109: ...PART THREE Administering General Gauntlet Firewall Services III ...
Страница 110: ......
Страница 140: ......
Страница 146: ...120 Chapter 17 The Graphical Management Interface Figure 17 3 Gauntlet Introductory Management Form 1 of 3 ...
Страница 147: ...Introductory Management Form 121 Figure 17 4 Gauntlet Introductory Management Form 2 of 3 ...
Страница 148: ...122 Chapter 17 The Graphical Management Interface Figure 17 5 Gauntlet Introductory Management Form 3 of 3 ...
Страница 150: ...124 Chapter 17 The Graphical Management Interface Figure 17 6 Networks and Interfaces Configuration Form 1 of 2 ...
Страница 151: ...Networks and Interfaces Configuration Form 125 Figure 17 7 Networks and Interfaces Configuration Form 2 of 2 ...
Страница 155: ...Routing Configuration Form 129 Figure 17 8 Routing Configuration Form ...
Страница 162: ...136 Chapter 17 The Graphical Management Interface Figure 17 10 Proxy Servers Configuration Form 1 of 3 ...
Страница 163: ...Proxy Servers Configuration Form 137 Figure 17 11 Proxy Servers Configuration Form 2 of 3 ...
Страница 164: ...138 Chapter 17 The Graphical Management Interface Figure 17 12 Proxy Servers Configuration Form 3 of 3 ...
Страница 170: ...144 Chapter 17 The Graphical Management Interface Figure 17 13 DNS Configuration Form 1 of 2 ...
Страница 171: ...DNS Configuration Form 145 Figure 17 14 DNS Configuration Form 2 of 2 ...
Страница 177: ...Sendmail on Gauntlet Servers 151 Figure 17 15 Sendmail Configuration Form ...
Страница 187: ...Logfiles and Reports Configuration Form 161 Figure 17 20 Reports and Logfiles Form 1 of 2 ...
Страница 191: ...Authorizing Users Form 165 Figure 17 22 Authorizing Users Form ...
Страница 192: ...166 Chapter 17 The Graphical Management Interface Figure 17 23 Add User Form ...
Страница 214: ......
Страница 232: ......
Страница 233: ...Appendixes IV ...
Страница 234: ......
Страница 294: ......
Страница 305: ......