Cool Security Solution!?! (Mac)

[Hammerton]

(longish, tedious message, but please read to the end)

I recently bagged my perfectly adequate FMPro4.1 server set-up to acheive the additional security benefits of running FMPro5u'ltd behind my Webstar server via the web server connector. I intended to use the IP restriction feature to limit requests to FM to only those passing through the server machine (see previous post). I was dismayed to find out that the IP restriction applied only to the client IP address, even though the FM access logger clearly specifies that it thinks all requests are coming from the IP of the server machine. (so why couldn't FMI make the IP restriction feature responsive to this information?? )

Anyway, when I started my server I immediately got hit by Nimda and code red. I asked for help with this and was told to look into a program call IPNetSentry.

"IPNetSentry from http://www.sustworks.com will stop these 'Nimda' hits."

It's a cool little program that monitors and filters all incoming network requests (all protocols all ports). It easily solved my worm problem (though the default is that it shuts down tcp when it detectes an attack- this can be disabled).

Here's the cool part. IPSentry's IP restriction feature DOES ACT LIKE FMPRO'S SHOULD!! I have just started screwing around with it, but as of this moment it seems to be working to deny direct requests to the machine running FMP5, and is allowing all requests coming from the webstar box via the web server connector.

I will leave it to more experienced administrators/programmers to evaluate this solution, and I look forward to their feedback. It seems very promising though. I am particularly excited that this security arrangement can be executed with machines running copies of FM4.x

[ December 20, 2001: Message edited by: Dr.J. ]