22 Jun
2001
22 Jun
'01
10:33
If you want to set up a (small) site, with one internet connection, an internal LAN with windows machines/users, and a linux box to serve as internet gateway, and you should provide e-mail, dns, and web surfing (nothing more, not instant messaging, no streaming media downloads, no fancy stuff), what would be better to use on the (SuSE) linux box: firewalling + masquerading, or firewalling + proxy-ing (e.g. squid). I am asking this from the security point of view (which setup is "more" secure?). In both cases the linux box will run an e-mail server and a dns server.
That depends on which applications you trust more to be secure: the proxies or the applications on the user's hosts. I know what I prefer... Tobias