Accessing a UNIX server through MS Proxy server 2.0

Taylor, Gregory - Open Systems
Tue, 2 Jun 1998 12:36:33 +0100


MS Proxy has an FTP proxy but no telnet.  If you have Internet
connection using MS Proxy as a "firewall" anyone can already telnet
straight in if you have MS Proxy with a single NIC or with a dual NIC
build if you have IP forwarding on (thankfully, the default is off!).

I have heard that the MS Proxy FTP gateway is not very good and
certainly I would not rely on it to protect my organisation.  Arguably
MS Proxy is not a firewall at all and even MS now advertise it as a
complementary product to firewalls.  In this respect I would agree, we
have TIS Gauntlet as a firewall but since introducing MS Proxy for www
access our access times have been dramatically improved because of the
excellent way it caches.

So, bottom line is you can't proxy telnet (your only alternative is to
open up to the world!!) and there are some concerns over its FTP proxy.
If I were you I would buy a firewall  ;-)


Greg Taylor MBCS, FIAP      
Open Systems Programme Leader
North Tyneside Council, Suite G3, Howard House Commercial Centre, Howard
Street, North Shields, Tyne & Wear.  NE30 1NT
tel: 0191 200 5610    fax: 0191 200 5609    mobile: 0411 002711