Cover V03, I01
Article
Figure 1
Sidebar 1

jan94.tar


Sidebar: Overview of the Fire Wall Tool Kit

The following is a brief excerpt from the "Configuration and Administration" document that comes with the Firewall Tool Kit.

Smap: SMTP Service

SMTP is implemented using a pair of software tools, called "smap" and "smapd". Generally, SMTP mail poses a threat to the system, since mailers run with system level permissions in order to deliver to users mailboxes. "Smap" and "Smapd" address this concern, by isolating the mailer so that it runs in a restricted directory via "chroot" as an unprivileged user.

Netacl: Network Access Control Lists

Netacl provides a network access control. It permits arbitrary access control specification for each network service based on the client's host address and the desired service.

Ftp-Gw: A Proxy Service for FTP

In order to permit file transfer through the firewall without risking compromising the firewall's security, the toolkit provides an FTP proxy server, which supports network access control as well as a secondary access control that permits any FTP command to be selectively blocked or logged.

Telnet-Gw: A Proxy Server for Telnet

The telnet proxy server, which supports network access control as well as a a secondary access control, permitting any destination to be selectively blocked.

Rlogin-Gw: A Proxy Server for Rlogin

Terminal access provided by a Proxy server, in a manner similar to the telnet proxy server.

Plug-GW: A TCP Plug Board Connection Server

A proxy service, primarily intended to support USENET News through the firewall (NNTP), but which can be used as a general-purpose proxy service.

Authd: Network Authentication Service

A generic authentication service for network applications.