[fw-wiz] Firewalling at the domain users level instead of network level

From: Santos (casd_at_netvisao.pt)
Date: 07/18/04

  • Next message: Frank Knobbe: "Re: [fw-wiz] More Syslog Questions" 
    To: firewall-wizards@honor.icsalabs.com
Date: Sun, 18 Jul 2004 07:41:34 +0100

    Hi all.

    I'm implementing a "Windows clients, Linux servers" kind of network.
    Some users may login at different machines, therefore, ip level is not
    enough. I wonder if it's possible to control the access at the "domain
    users" level instead of network or ip level. I could implement some
    proxies, but each client machine had to be configured and that would
    mean extra work. IPtables can filter at the user level, but only with
    local users. Is there a way to configure iptables and kerberos working
    together or something like that? Is this doable with PAM? I have read
    that SAMBA authenticated gateway HOWTO, but it doesn't look very
    reliable. Well, so basically what i want, is a firewall similar to a ISA
    Server firewall

    Any ideas about this would be apreciated, thanks in advance.

    Santos

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Frank Knobbe: "Re: [fw-wiz] More Syslog Questions"

    Relevant Pages

    • Re: Pro-active Security Software?
      ... > Ultimately, you will need to deal with iptables, which is not too hard. ... To further protect the interior Linux network machines, ... > authorised to connect to Internet hosts. ... the firewall to tighten it up, the more I can configure the internal ...
      (comp.os.linux.security)
    • Re: network / performance problems
      ... > due to some bug in whatever is dynamically adding firewall rules to your system. ... I *do* run iptables on all of these machines. ... # Allow this host to establish new connections. ...
      (Linux-Kernel)
    • Re: IPTABLES & TCP WRAPPERS
      ... >> IPTables denying traffic from lets say 1 IP for TCP. ... >firewall rules, and then you have the tcp wrappers for that. ... >to some services from just a group of machines, ...
      (comp.os.linux.security)
    • Firewalling at the domain users level instead of network level
      ... Some users may login at different machines, therefore, ip level is not ... I wonder if it's possible to control the access at the "domain ... Is there a way to configure iptables and kerberos working ... Server firewall ...
      (comp.os.linux.networking)
    • Firewalling at the domain users level instead of network level
      ... Some users may login at different machines, therefore, ip level is not ... I wonder if it's possible to control the access at the "domain ... Is there a way to configure iptables and kerberos working ... Server firewall ...
      (comp.security.firewalls)