Re: [fw-wiz] Recommended Open Source Proxy Firewalls



I just finished reading Marcus Ranum's very interesting paper -

http://www.ranum.com/security/computer_security/editorials/deepinspect/index
.html
- comparing "deep packet inspection firewalls" with "proxy firewalls"
and was interested in investigating open source "proxy firewalls". Do
open source proxy firewalls even exist, and if so, which would you
recommend and why? Thank you for your help.

http://www.faqs.org/docs/Linux-mini/TransparentProxy.html

This HOWTO is a great place to start. Even though it is exclusive to Squid,
you can apply the same principles to other proxies including a SOCKS proxy
to handle generic services. Of course, unlike the commercial proxy
firewalls like Raptor and Sidewinder, you will have to build your own rules
and define what behaviors are allowed or prohibited for each proxy. The up
side is that you have a lot more flexibility to control or even replace
proxies with the Linux-based solution.

Before I recommended an actual distro, project, or product, I would
recommend that you build one of your own either in a lab or at home so that
you understand how they work, what they're good at, what they suck at, etc.
Then take those lessons back to work and determine where and how using
proxies is a good fit for your organization. Truth is, Marcus makes a
compelling argument about why proxies are generally superior for security,
but that doesn't mean that the gains will outweigh the effort for you and
your organization.

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards