Re: firewall on a bridge

Hello There,

I can't remember an option in Checkpoint to do transparent or bridge
firewall.

Cisco PIX (at least the FWSM blade, not yet checked for the same in PIX 7)
has a functionnality called transparent firewall. you can then put
access-list based on IP or MAC.

OpenBSD can also do it, as well as Linux.

If this is a intensively used server, I would advice switching to a *nix
variant and not to Windows, which may show its limits "at peak".

Regards,
Jean-François Gobin

"Rick Merrill" <rick0.merrill@xxxxxxxxxxxxxxxx> a écrit dans le message de
news: OMKdnSu1SpFxEo_YnZ2dnUVZ_sudnZ2d@xxxxxxxxxxxxxx
Todd H. wrote:

Rick Merrill <rick0.merrill@xxxxxxxxxxxxxxxx> writes:


Yes, selectivly route. and Yes, see following.

Let me clarify: I want to use a Windows XP PC with 2 NIC to act as a
firewall in front of a 3rd party Linux FTP server. (Its log file is
being bombarded with knob twisting attempts.)
I want to allow access to the FTP server to a finite number of IP
addresses (OR have a login ...)


Hrmm. The software like this that runs on windows runs on win2k
server and 2003 server and not their desktop OS's. I'm thinking of
Checkpoint FW-1 in this thought. Is there any reason yu have to use and
XP PC? Several other options
are far more suitable to the job without the XP'ness running about,
including $60 appliances like a Linksys wrt54g running 3rd party
firmware, or using that PC hardware as a Linux firewall.


Thanks for the tip.

'We go to firewall with the PC we have, not always with the PC we want.'


.

Relevant Pages

  • Re: CEICW fails at firewall config
    ... Do you or do you not have ISA 2000 or ISA 2004 installed on the SBS server? ... Do you have 2 NICs in the SBS? ... CEICW fails on firewall configuration every time. ... >>> Call to Creating the protected networks access rule returned ok. ...
    (microsoft.public.windows.server.sbs)
  • Re: Recycler security issues on IIS server
    ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    (microsoft.public.inetserver.iis.security)
  • Re: ISA SERVER NOT STARTING
    ... I delete the nat/basic firewall and stop and started the RRAS an tried to ... There were no critical events in the DNS Server Log in the last 24 hours. ... An error occurred during logon ... Caller User Name: - ...
    (microsoft.public.windows.server.sbs)
  • Re: For Microsoft Partners and Customers Who Cant Download or Access
    ... to reconfigure the firewall, but to use a static IP on your client ... and to make sure that the DNS server entries on the client are ... Microsoft for msdn2.microsoft.com. ... use a static IP and set the DNS server addresses to the DNS ...
    (microsoft.public.dotnet.general)
  • RE: Is this as bad as it seems?
    ... The network being protected by the router or firewall is still vulnerable to ... > circumvented - the administrator has explicitly allowed HTTP traffic on ... this exploit has the effect of allowing the attacker to send *INBOUND* HTTP ... The HTTP server (located on the internal network or anywhere else that is ...
    (Security-Basics)