T.Rex  V1.0 Release Notes for AIX 4.2 and 4.3
==============================================================================

An automated install for T.rex has been implemented for AIX 4.2 and 4.3.  
To install T.Rex execute as root:

          ./install_TREX

Follow the configuration steps listed at completion. The log file
install_TREX.log is saved in the install directory for future reference.

The automated install saves all modified system files for restoration.
To remove T.Rex, execute as root:

          ./remove_T.Rex

The log file remove_T.rex.log is saved in /var/tmp for future reference.
An automated update facility that can be executed on an operational system
has been implemented for AIX 4.2 and 4.3.  To update T.Rex, execute as root:

           ./update_TREX

Follow any configuration steps listed at completion.  The log file 
update_TREX.log is saved in the update directory for future reference.

The CDE desktop uses an insecure RPC service and has consequently been  
disabled.  The X Window system can be started by typing xinit at the command
line after logging in.

A secure telnet client (ptelnet) can be optionally installed on a AIX,
Linux, Solaris, WIN95, or WIN/NT system to provide DES-encrypted telnet
between the client and firewall.  Ptelnet allows secure connections over local
networks or the Internet when accessing protected systems or performing 
remote administration of the firewall. 

The SOCKS clients rtelnet, rftp, rfinger, and rwhois can be optionally  
installed on a protected AIX, or Solaris system to provide functionality
equivalent to their "non-SOCKSified" counterparts but with transparent access to
systems beyond the firewall.

Real Audio support is available through the HTTP proxy if enabled.

Options available with the Deluxe and Professional Editions:

    Real Audio proxy (raproxy) provides access to Real Audio servers that are not
    based on web servers.   

    RPC support is available for TCP and UDP using the RPC proxy available with
    the deluxe and professional editions.

    The High Availability Option permits two redundant firewalls to dynamically 
    share the load while backing each other up.  Should one firewall fail the
    other will automatically take over the functions of the failed system.  
    The fwpulse program has to be configured on both systems for this the work.
    Identical fwpulse configuration files are used on each firewall. 

The T.Rex monitoring program fwmon automatically starts specialized monitors to 
defend against SYN flood attacks and IP address spoofing.  These features are
automatically enabled at system boot-up.

The process monitor (procmon) can be configured to ensure that the desired 
processes are running and that un-wanted processes are not.  This capability can
be enabled by parameters in the fwmon.conf file.

To defend against the large ICMP packet ("Ping of Death") denial of service
attack, it is recommended that the appropriate AIX patch be installed:

          AIX 4.1.4 - APAR IX59453
          AIX 4.2.0 - APAR IX61858

The T.Rex Installation and Administration Guide is available in PDF format and
can be found in the documentation directory.  This requires use of the Adobe
Acrobat reader. If you don't have one you can down loaded a free version from
http://www.adobe.com.

T.Rex uses two DNS servers. One runs on the firewall and is used to resolve
Internet host names.   You should also have an internal DNS server to resolve
host names for the protected network.   The following sample files for
configuring an internal domain name server on a protected system are available
in the examples directory on the CD-ROM.

examples:

    iDNS.named.boot   ->  /etc/named.boot
    iDNS.named.ca     ->  /etc/named.ca
    iDNS.named.hosts  ->  /etc/named.hosts
    iDNS.named.local  ->  /etc/named.local
    iDNS.named.rev    ->  /etc/named.rev

Three example scripts for continuously displaying T.Rex log information are
available in the examples directory. 

    display_syslog - system log file
    display_alerts - security alerts
    display_webgate - webgate access
