RE: [fw-wiz] Application-level Attacks

From: Marcus J. Ranum
Date: 02/14/05

  • Next message: Paul Melson: "RE: [fw-wiz] Cisco Concentrator - pix515 Lan-to-Lan"
    To: "Ofer Shezaf" <>, <>
    Date: Mon, 14 Feb 2005 13:31:42 -0500

    >"The current generation of firewalls focuses on the network level, kind
    >of like the walls of a fort stopping direct attack," said Pescatore.
    >"However, close to 75% of today's attacks are tunneling through

    This sounds like typical Gartner-spew. There's nothing there
    to back up the numbers, no methodology, no science. How
    did Pescatore come up with that figure, is what I want to
    know? My guess is he found it in the bottom of a box of
    Cracker Jacks.

    The reason I jumped on your post is because I strongly
    believe that in order for computer security to grow up and
    stop being an intellectual backwater - we need to apply a
    little science and attempt to accurately quantify what we
    are doing. That means no more analysts practicing
    proctological numerology, no more self-selected samples
    used in polls, no more proof by vigorous hand-waving.

    The article you reference is a thinly-veiled puff piece for
    "application security gateways" (read: marketing's new
    word for proxy firewalls)


    firewall-wizards mailing list
