Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!rice!rice!sun-spots-request
From: turner@ksr.com (James M. Turner)
Newsgroups: comp.sys.sun
Subject: Xenophobic TCP gatewaying
Keywords: Networks
Message-ID: <1990Sep20.203310.373@rice.edu>
Date: 20 Sep 90 23:56:03 GMT
Sender: sun-spots-request@rice.edu
Organization: Sun-Spots
Lines: 18
Approved: Sun-Spots@rice.edu
Originator: spots@titan.rice.edu
X-Sun-Spots-Digest: Volume 9, Issue 310, message 10

We're starting to look at the problem of securing a potential Internet
gateway.  Basically, the problem can be stated as such:

We want to be able to accept incoming mail and news, and make FTP requests
and logins to the net.  Other than that, we don't want ANY incoming or
outgoing traffic allowed.  In addition, we want to have verified and
absolutely secure versions of the daemons to be the ones we run.  We also
want to be able to make FTP requests from any machine on the local net,
but DO NOT want any packet from the outside to be able to pass the gateway
machine.

Has anyone attacked this problem to date, and if so, what recommendations
can you make?

Name:    James M. Turner          
Company: Kendall Square Research  
Email:   turner@ksr.com, ksr!turner
Phone:   (617) 895-9400