Re: [fw-wiz] Application Intelligent vs ALG

ark_at_eltex.net
Date: 06/24/03

    To: Frederick M Avolio <fred@avolio.com>
    Date: Tue, 24 Jun 2003 20:35:15 +0400
    
    

    I was under the impression that "Application intelligence" does some
    protocol detection heuristics like IDS do, thus allowing not hardwiring
    protocols to port numbers, i.e. if someone is running ICQ or HTTP over
    some port opened for a proprietary application, it is able to detect and
    stop it. Am I wrong?

    On Mon, Jun 23, 2003 at 09:18:19AM -0400, Frederick M Avolio wrote:
    > A fancy proxy.
    >
    > Three different people from Check Point wrote me in response to a recent
    > column of mine, basically asking me if I had heard of this new feature.
    >
    > I replied with a brief history. In short: Firewall-1 comes on the scene,
    > most FW1 users implement it with modules from the TIS FWTK (for adding user
    > authentication to FTP and TELNET), Check Point's marketing says proxies are
    > old technology, stateful inspection is the next generation of firewall
    > technology (before the term became a product name), people persisted in
    > using proxies, CP added "security servers" (proxies by another name), and
    > now this.
    >
    > I asked them, how is this different from application gateways (security
    > proxies). I applaud the addition of them (like there are other hybrid
    > firewalls). But none of the three folks from CP replied to me.
    >
    > I have no agenda, except the truth. (Boy, is this guy noble, or what? :-))
    > I'd like to know the answer to this: How this is different than application
    > gateways (if it is), and why is it better than Sidewinder, Firebox, Raptor,
    > et al.
    >
    >
    > Fred
    > Avolio Consulting, Inc.
    > 16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
    > +1 410-309-6910 (voice) +1 410-309-6911 (fax)
    > http://www.avolio.com/
    > PGP Key Fingerprint: 928D 0903 934F 8CFA 6124
    > BBF6 0B45 93C7 3521 CEA0
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
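The port-independent detection asked about in the message above, as an added example that is not part of the original thread or of any vendor's product: a firewall-side check that classifies the first payload of a flow by content and allows it only if it is the protocol the port was opened for. The port number 9000, the `PRP1` magic and the policy table are hypothetical, and the ICQ check is a simplified heuristic on the OSCAR FLAP frame header.

```python
import re
import struct

# HTTP/1.x request line: METHOD SP target SP HTTP/1.x CRLF
HTTP_REQUEST = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT) \S+ HTTP/1\.[01]\r\n")

APP_MAGIC = b"PRP1"           # hypothetical magic of the proprietary protocol
POLICY = {9000: "proprietary"}  # hypothetical: port -> only protocol allowed


def looks_like_oscar(payload: bytes) -> bool:
    """ICQ/AIM OSCAR FLAP header: 0x2A, channel 1-5, seq (2), length (2)."""
    if len(payload) < 6 or payload[0] != 0x2A:
        return False
    channel, _seq, length = struct.unpack(">BHH", payload[1:6])
    # The declared length must fit in what was actually received.
    return 1 <= channel <= 5 and length <= len(payload) - 6


def identify(payload: bytes) -> str:
    """Name the protocol from content alone; the port is never consulted."""
    if HTTP_REQUEST.match(payload):
        return "http"
    if looks_like_oscar(payload):
        return "icq-oscar"
    if payload.startswith(APP_MAGIC):
        return "proprietary"
    return "unknown"


def verdict(dst_port: int, payload: bytes) -> str:
    """Allow only the expected protocol on an opened port (default deny)."""
    expected = POLICY.get(dst_port)
    if expected is None:
        return "drop"  # port not opened at all
    return "allow" if identify(payload) == expected else "drop"


# Constructed sample payloads (first bytes of three flows to port 9000).
HTTP_SAMPLE = b"GET /index.html HTTP/1.0\r\nHost: example.test\r\n\r\n"
ICQ_SAMPLE = b"\x2a\x01\x00\x01\x00\x04\x00\x00\x00\x01"
APP_SAMPLE = b"PRP1\x00\x10hello"

if __name__ == "__main__":
    for name, data in [("http", HTTP_SAMPLE), ("icq", ICQ_SAMPLE),
                       ("app", APP_SAMPLE), ("junk", b"\x00\x01junk")]:
        print(f"{name:5} identified={identify(data):12} -> {verdict(9000, data)}")
```

Because `verdict` enforces the expected protocol instead of matching known-unwanted ones, traffic it cannot identify is dropped as well.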

