Table of Contents
Installing the Trusted Information Systems Internet Firewall Toolkit
The TIS Firewall Toolkit
The TIS Firewall Toolkit (cont)
The TIS Firewall Toolkit (cont)
Blocking Traffic Between Networks
Blocking Traffic (cont)
Blocking Traffic (cont)
Blocking Traffic (cont)
Installing the Toolkit
Helpful Hint: Tripwire
Follow Conventions
Reboot Often While Testing
Reboots
Configure TCP/IP
Adaptive Routing
Gated
Static Routing
Typical Firewall Routing
Nasty Routing
Nasty Routing (cont)
Kernel Configuration
Ipforwarding
Ipforwarding (cont)
Ipforwarding (cont)
Server Processes
Server Processes (cont)
Boot Time Servers
Boot Time Servers (cont)
Boot Time Servers (cont)
A Bare Process Table
Netstat Output
Restricting Root Login
Restricting Root Login (cont)
Unpacking the Toolkit Sources
Configure the Sources
Configure the Sources (cont)
Configure the Sources (cont)
Compile the Toolkit
Toolkit Does not Build
Toolkit is Built, Now What?
Implementing Policy
Implementing Policy (cont)
Implementing Policy (cont)
Netperm-table
Netperm-table (cont)
Netperm-table (cont)
Netperm-table (cont)
Logging Errors
Logging Errors (cont)
Proxies
Proxies (cont)
/etc/inetd.conf (for a toolkit firewall)
/etc/inetd.conf (alternate form)
Netacl: a TCP wrapper
Netacl (cont)
Netacl (cont)
Netacl (cont)
TN-Gw: Telnet Proxy
TN-Gw (cont)
Rlogin-Gw: Rlogin Proxy
Rlogin-Gw (cont)
FTP-Gw: FTP Proxy
FTP-Gw (cont)
X-gw: X11 Proxy
X-gw (cont)
Http-gw: Web proxy
Http-gw (cont)
Smap - SMTP queuer
Smap (cont)
Smap (cont)
Smap (cont)
Smap (cont)
Smapd
Smapd (cont)
Smapd (cont)
Testing Smap
Testing Smap (cont)
Authsrv
Authsrv (cont)
Authsrv Initialization
Authsrv Initialization (cont)
Authorizing a User
Authorizing users (cont)
Authorizing users (cont)
Backing up Authsrv
Netperm-table
Netperm-table (cont)
Netperm-table (cont)
Netperm-table (cont)
Netperm-table (cont)
Reporting
Testing Procedures
Testing Procedures (cont)
Maintaining the Software
Installing Patches
Summary