Subject: | |
From: | |
Reply To: | |
Date: | Sat, 6 Apr 1996 11:15:53 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Fri, 5 Apr 1996, Dan Hollis wrote:
> I don't think it would matter -- you can't wrap VTSERVER anyway. The only
> thing you can do is firewall it (or proxy it, but I don't think anyone has
> done this). And if you have a firewall, tcp wrappers gain you very little.
Not just for NS services, but if telnet servers et al are coming witn
MPE/iX 5.5, then it may not be a bad idea. To allow certain users at
certain hosts to pass through, and to actually log hacking attempts with
IDENT or TAP services may be better than global closure at one point
before the actual server.
> I think it's more important for MPE to have the capability of firewalling
> than it is to have tcp wrappers.
Yes, but perimeter hostscan get behind firewalls, and without wrappers,
you would not be able to determine who from which host attached to port
number xxxx, correct?
Daniel Kosack -<[ Danny Boy ]>-
[log in to unmask]
|
|
|