home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Building Internet Firewalls

Building Internet FirewallsSearch this book
Previous: B.4 Proxy Systems Tools Appendix B
Next: B.6 Utilities

B.5 Daemons

When you are building your firewall, you may wish to replace your standard daemons with the daemons described below.

B.5.1 wuarchive ftpd


The wuarchive FTP daemon offers many features and security enhancements, such as per-directory message files shown to any user who enters the directory, limits on number of simultaneous users, and improved logging and access control. These enhancements are specifically designed to support anonymous FTP .

B.5.2 CERN httpd


CERN is the European Laboratory for Particle Physics, in Switzerland, and is "the birthplace of the World-Wide Web." The CERN HTTP daemon is one of several common HTTP servers on the Internet. What makes it particularly interesting from a firewalls point of view are its proxying and caching capabilities. (We describe these in Chapter 7 .)

B.5.3 portmap


portmap , from Wietse Venema, is a portmapper replacement which offers access control in the style of the TCP Wrapper program, described in the next section.

B.5.4 gated


gated is a routing daemon that allows you to specify the hosts from which you'll accept routing information.

B.5.5 Andrew File System ( AFS )


AFS is a network filesystem that is more suitable for use across wide area networks such as the Internet than traditional LAN -oriented network filesystem protocols such as NFS . From the AFS document:

AFS is a distributed filesystem that enables cooperating hosts (clients and servers) to efficiently share filesystem resources across both local area and wide area networks.

AFS is marketed, maintained, and extended by Transarc Corporation.

AFS is based on a distributed file system originally developed at the Information Technology Center at Carnegie-Mellon University.