From: Robert <ro...@ar...> - 2004-04-27 21:14:16
|
I like the ideas this could lead to, but I think this was actually discussed before. If memory serves, the idea was let go due to the fact that the windows IP stack would be exposed in front of any firewall on a colinux system. I imagine a great deal of security could still be gained, but a whole range of vulnerabilities would still be unanswered. If there is a way to isolate a nic from windows use, and only bind from a colinux standpoint, I think we'd have something powerful and useful. The wonderful little "labs in a box" that could be then built, it entices me. Robert co...@ew... wrote: >Date: Tue, 27 Apr 2004 21:05:43 +0100 >To: co...@ew... >From: peter green <plu...@p1...> >Subject: RE: [coLinux-devel] Windows Firewall > >it would require double nic support > >also unless done with care it could conflict with useing colinux to actually >run linux > >-----Original Message----- >From: col...@li... >[mailto:col...@li...]On Behalf Of >co...@ew... >Sent: 27 April 2004 20:36 >To: col...@li... >Subject: [coLinux-devel] Windows Firewall > > > > >Would it be possible to use colinux as a windows firewall? The idea would >be to bridge colinux's nic with my windows nic. Colinux would then be >tied directly to the outside. Windows would be setup to route only >through the WAN device so that colinux can do NAT, mangling, routing and >other cool firewalling stuff. > >Because it is a separate tcp/ip stack this is 100x better than a LSP based >firewall for windoze like McAfee or Norton's firewall. With a little work >and frontend magic, this could be made into a very painless download and >install since a firewall image could be as small as ~1mb (even 20mb would >be acceptable -- look at what is commercially available). > >Ideas? > >-- >Eric Wheeler >Vice President >National Security Concepts, Inc. >PO Box 3567 >Tualatin, OR 97062 > >http://www.nsci.us/ >Voice: (503) 293-7656 >Fax: (503) 885-0770 > > > >------------------------------------------------------- >This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek >For a limited time only, get FREE Ground shipping on all orders of $35 >or more. Hurry up and shop folks, this offer expires April 30th! >http://www.thinkgeek.com/freeshipping/?cpg=12297 >_______________________________________________ >coLinux-devel mailing list >coL...@li... >https://lists.sourceforge.net/lists/listinfo/colinux-devel >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.659 / Virus Database: 423 - Release Date: 15/04/2004 > >--- >Outgoing mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.659 / Virus Database: 423 - Release Date: 15/04/2004 > > > >------------------------------------------------------- >This SF.Net email is sponsored by: Oracle 10g >Get certified on the hottest thing ever to hit the market... Oracle 10g. >Take an Oracle 10g class now, and we'll give you the exam FREE. >http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click >_______________________________________________ >coLinux-devel mailing list >coL...@li... >https://lists.sourceforge.net/lists/listinfo/colinux-devel > > > |