Daemons
When you are building your firewall, you may wish to replace your standard daemons with the daemons described in the following sections.wuarchive ftpd
ftp://ftp.wustl.edu/packages/wuarchive-ftpd/The wuarchive FTP daemon offers many features and security enhancements, such as per-directory message files shown to any user who enters the directory, limits on number of simultaneous users, and improved logging and access control. These enhancements are specifically designed to support anonymous FTP.
GateD
http://www.gated.merit.eduGateD is a routing daemon that provides multi-protocol support and filters routes based on their source. GateD used to be freely available but is now a commercial product.
Zebra
http://www.zebra.orgZebra is an open source routing daemon that provides multi-protocol support and filters routes based on their source.
Postfix
http://www.postfix.orgPostfix, by Wietse Venema, is a security-oriented Unix mailer daemon; it is discussed in "Electronic Mail and News".
qmail
http://www.qmail.orgqmail, by Dan Bernstein, is a security-oriented Unix mailer daemon; it is discussed in "Electronic Mail and News".
smail
ftp://ftp.planix.com/pub/Smail/smail is also a replacement Unix mailer daemon, discussed in "Electronic Mail and News".
portmap
ftp://coast.cs.purdue.edu/pub/tools/unix/portmap.sharportmap, from Wietse Venema, is a portmapper replacement that offers access control in the style of the TCP Wrapper program, described in , "Utilities", later in this appendix.
Andrew File System (AFS)
http://www.transarc.comAFS is a network filesystem that is more suitable for use across wide area networks such as the Internet than traditional LAN-oriented network filesystem protocols such as NFS. From the AFS document:
AFS is a distributed filesystem that enables cooperating hosts (clients and servers) to efficiently share filesystem resources across both local area and wide area networks.
AFS is marketed, maintained, and extended by Transarc Corporation.
AFS is based on a distributed file system originally developed at the Information Technology Center at Carnegie-Mellon University.
rsync
http://rsync.samba.org/rsyncrsync is a synchronization protocol that uses checksums to determine differences (instead of relying on modification dates) and does partial file transfers (transferring only the differences instead of the entire files). rsync was developed by Andrew Tridgell and Paul ackerras. The rsync daemon, rsyncd, provides an efficient and secure way to make files available to remote sites.
Samba
http://www.samba.orgSamba is an open source package for Unix and related systems that provides SMB/CIFS service, including file and printer sharing. It allows a Unix system to act as a server for PCs. In addition, the Samba source is an effective form of documentation of how SMB/CIFS works and provides a number of tools that may help you in debugging icrosoft networks.
ssh
http://www.ssh.orgssh is a secure remote login program, available for both Unix and Windows. It is discussed in "Remote Access to Hosts".
BO2K
http://www.microsoft.com/backofficeserverBO2K is a remote control program for Microsoft Windows systems. It is discussed in "Remote Access to Hosts".
mIRC
http://www.mirc.com/mIRC is an IRC client. It is discussed in "Real-Time Conferencing Services".