tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philipp Taprogge <Philipp.Tapro...@gmx.net>
Subject Re: [Q] Tomcat & ZoneAlarm?
Date Mon, 29 Dec 2003 19:53:45 GMT
Hi!

Riaan Oberholzer wrote:
> This is not a Tomcat issue, but I've tried desperately
> and could find no answer elsewhere... can someone
> please tell me how to get Tomcat working with
> ZoneAlarm (free version) as firewall?

In general, it is very advisable to know what a firewall does and how 
it works before installing one. In general, ZoneAlarm is a (rather 
simple) packet filter, i.e. a piece of software that examines network 
packets as they arrive at or depart from the machine and decides on a 
set of rules to allow or deny them. If you want a so protected machine 
to run tomcat and access it from beyond the firewall, you need to add 
a rule that allows requests from external sources directed at port 80 
(or whatever you set your tomcat to listen on) on the local machine 
and also to allow the responses from tomcat to any external host.
If you want to use SSL, you will have to allow those 
request/response-pairs as well.
You should, however concider wether you really need a firewall, if 
your machine is a pure server that does not serve other purposes. In 
that case, you should just close all ports you don't need. A closed 
port is no risk and if the listening software has flaws, a firewall 
wouldn't protect you either.

HTH

	Phil


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message