Re: [fw-wiz] Rationale of the great DMZ
From: Steven M. Bellovin (smb@research.att.com)
Date: 07/13/02
- Next message: joe macdonald: "[fw-wiz] Cisco 2621 opinions"
- Previous message: Dana Nowell: "Re: [fw-wiz] dirty packet tricks?"
- Maybe in reply to: Scott, Richard: "[fw-wiz] Rationale of the great DMZ"
- Next in thread: firewalls@msg.net: "Network "tap" (was Re: [fw-wiz] Rationale of the great DMZ)"
- Reply: firewalls@msg.net: "Network "tap" (was Re: [fw-wiz] Rationale of the great DMZ)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Steven M. Bellovin" <smb@research.att.com> To: Paul Robertson <proberts@patriot.net> Date: Sat Jul 13 11:11:01 2002
In message <Pine.LNX.4.44.0207101323470.23014-100000@adams.patriot.net>, Paul R
obertson writes:
>I've always been of the opinion that stats should be gathered off the
>network by a machine that doesn't have transmit capability (either the
>cable doesn't have a TX wire, or the Ethernet driver for the listening NIC
>doesn't have that code.)
There are actually commercial devices to do that -- the FBI uses one
with Carnivore...
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)
- Next message: joe macdonald: "[fw-wiz] Cisco 2621 opinions"
- Previous message: Dana Nowell: "Re: [fw-wiz] dirty packet tricks?"
- Maybe in reply to: Scott, Richard: "[fw-wiz] Rationale of the great DMZ"
- Next in thread: firewalls@msg.net: "Network "tap" (was Re: [fw-wiz] Rationale of the great DMZ)"
- Reply: firewalls@msg.net: "Network "tap" (was Re: [fw-wiz] Rationale of the great DMZ)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
