Re: [fw-wiz] Proxy Firewalls (was FWTK vs T.REX)

From: Marcus J. Ranum (
Date: 01/30/03

To: Matthew Kirkwood <>, Javier Perez <>
From: "Marcus J. Ranum" <>
Date: Thu Jan 30 11:48:36 2003

I think FWTK is pretty obsolete.

For the various components of the package, there are better
"best of breed" implementations you can use; the only thing
you lose is common configuration.

FWTK I use now
ftp-gw FTP w/pasv origin only, squid for readonly
tn-gw ssh
http-gw squid, chrooted on a separate box
authentication ssh
smap postfix
plug-gw ssltunnel, plug-gw
dns bind, chrooted (finally)