Index of /ExFilter

[ICO]NameLast modifiedSize

[PARENTDIR]Parent Directory  -
[   ]ExFilter.zip2020-06-25 15:34 4.5M
[TXT]README.html2020-06-25 15:34 4.6K
[TXT]V1.1.3-manual.html2020-06-25 15:34 45K
[TXT]dhdsftpd.html2020-06-25 15:34 3.5K
[   ]dhdsftpd.zip2020-06-25 15:34 421K
[   ]makefile2020-06-25 15:34 588

ExFilter Firewall Software README File

ExFilter Firewall Software README File

# @(#) README.demo 1.2@(#) 95/05/22 # Modified
(c) ExNet Systems Ltd 1995, 1996.

 1) Please note that this software is supplied to you ``as is'' and without
    warranty of any kind.  You may only use it for demo or evaluation purposes,
    and for a maximum of one month, and must delete it and accompanying
    documentation after that time.  You may seek explicit permission from us to
    use it for longer.  We may grant this if you are an educational
    establishment or a private individual, or a bulletin board, distributor or
    other responsible redistributer.  Please email us at info@exnet.com and ask
    us, supplying us with your email address and real name and a brief reason
    for wanting to retain this demo software rather than buy the real thing.
    Under no circumstances may you disassemble or reverse-engineer this or the
    normal ExFilter executables.  We advise you to get the demo kit directly
    from our site ftp.exnet.com to minimise any possibility of the software
    being tampered with before you get it.

 2) Please note in particular that we cannot accept any liability for direct or
    consequential or any other losses from use of this software, especially due
    to hacking.

 3) A brief setup guide:

     a) Configure your firewall host with the minimum of services running
        (often none from inetd, for example) and a minimal kernel with *ROUTING
        TURNED OFF IN THE KERNEL*, eg build your kernel with:

            options "IPFORWARDING=-1"

        in the config file, and remove any unneeded options such as server- and
        client- side NFS.

        Turn off NIS (or YP, as it was).

        You should obtain and apply the latest version of Sun's jumbo STREAMS
        patch 100359 applicable to your SunOS version.

     b) Unpack the tar archive the software arrived in.

     c) Pick the appropriate executable for your host's architecture, and copy
        it somewhere suitable, eg /usr/etc.

        The ExFilter.c.* executables provided are very cut-down versions really
        only suitable for evaluation.  Only a maximum of two interfaces (eg le0
        and dp2) are supported, and a maximum of thirteen `route' routing
        rules.  In addition, the use of the HUP signal for reloading the
        ExFilter configuration is disabled.  Otherwise, the executables are
        fully functional.

     d) Copy the tinyeg.conf to /etc/ExFilter.conf.  Modify the network
        addresses in it to suit your network, including providing a sensible
        address for the `gateway' record.

        Provide a `verbosity' record with a value of about 5 or above for
        initial debugging and setup, and consider switching on the `trace'
        gateway parameter initially, eg:

            gateway  trace 

        Double check everything you have done above.

     e) Insert startup code for ExFilter into rc.local to run after all your IP
        interfaces have been brought up, something like this:

            EXFILTER=/usr/etc/ExFilter.O.sun4-SunOS-4
            if [ -f $EXFILTER ]; then
                    echo 'Starting Exfilter.'
                    ($EXFILTER &)   > /dev/console
            fi

     f) Think again about your configuration!  It may be all that stands
        between you and the wily hackers!

     g) Start up ExFilter by hand in the foreground and watch the output from
        syslog.  You can kill ExFilter with your INT character, usually ^C.

     h) Try rebooting the machine to check everything starts correctly in that
        case and that no packets are being let through that shouldn't be (eg
        nothing turns kernel routing on).

     i) When you are happy everything is working you may consider turning down
        verbosity to about 3 (so you can still see throttling going on and
        off), and almost certainly turn trace mode off if you haven't already.

     j) Keep an eye on network and gateway behaviour for unexpected behaviour.
        Don't entirely automate this, since the first thing a wily hacker
        should do is subvert any such mechanism.

 4) Buy the software!
 
    Contact info@exnet.com, tel +44 181 296 5577, fax +44 181 296 5578.

Enjoy!

ExNet home page
General queries to info@exnet.com, system queries to sysadmin@exnet.com.
Copyright ESL 1995.