Re: [fw-wiz] Evolution of Firewalls

• Previous message: Sloane, David: "RE: [fw-wiz] Does a router like this exist?"
• In reply to: ArkanoiD: "Re: [fw-wiz] Evolution of Firewalls"
• Next in thread: Melson, Paul: "RE: [fw-wiz] Evolution of Firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: ark@eltex.net
Date: Thu, 18 Mar 2004 09:34:44 -0500

ArkanoiD wrote:
>Slightly OT, anyone aware of WHICH protocol subset do email clients
>use when doing IMAP4? I am still planning to implement a proxy, and RFC
>requires all servers to support the whole fscking pile of s**t!
>(still tring to imagine that terrible brain damage that may lead
>protocol designers to such an idiotic requirement)

I haven't looked at it, so I can't help you there. But the "methodology"
(it doesn't deserve the term...) I used to use is pretty straightforward.
I'd write the main loop that handles the I/O on the command stream
and then I'd put it inline with a couple of clients and implement the
command set that the client used and stop when I had it working with
a couple of clients. ;)

This worked surprisingly well, because I was able to "minimize"
everything as I worked on it - whenever a command came through
I'd ask myself "what the heck?" and figure out what it was supposed
to do and then add whatever controls I could. Look for: buffer
lengths, pathnames, execution commands, file operations,
password lengths, username lengths, extra tokens on commands,
line breaks, metacharacters where appropriate, etc. Then when
you fire up a new client you'll periodically get something new that
makes the proxy get upset - that's how you know it's working. :)

Ignore the RFCs. Remember: they're part of the problem, not a
definition of the solution. I'd go so far as to say that a proxy is
*inherently* a violation of the RFCs - if it's done right. ;)

mjr.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Sloane, David: "RE: [fw-wiz] Does a router like this exist?"
• In reply to: ArkanoiD: "Re: [fw-wiz] Evolution of Firewalls"
• Next in thread: Melson, Paul: "RE: [fw-wiz] Evolution of Firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ISA Server Problems, please help ... Based on the rules you have listed, SecureNAT clients should only be allowed ... The All access rule for SBS Internet Users ... Web Proxy and/or Firewall Client ... > header to the publishing server instead of the actual one. ... (microsoft.public.windows.server.sbs) Re: ISA 2004 Web Proxy Clients ... Do I need to create WPAD cname record in DNS in concert with WPAD entries in ... Is it possible to propagate web proxy information to clients using WPAD ... proxy clients dont get proxy server address in LAN settings of IE.Another ... (microsoft.public.isa.clients) RE: Web Pages Stall ... The clients can access the internet via IE7. ... All proxy settings are correct. ... Do you still need the ISA logs?? ... (microsoft.public.windows.server.sbs) Re: encapsulating webservice proxy to hide complexity ... - I really don't want my Web Proxy class to be exposed... ... with the ways your clients will be using the service. ... I would like to provide a simpler interface from my WS client DLL, ... int ret3 = pxy.SimplerMethod; ... (microsoft.public.dotnet.framework.webservices) ICS and Proxy Settings ... Is there any way using ICS to tell its DHCP clients what proxy settings to ... I have 2-way satellite internet access at home (via ... (microsoft.public.windowsxp.general)