Re: [fw-wiz] How automate firewall tests



ASN.1 is a formal language to describe data structures for use of a number of
protocols. One would expect that protocols that use ASN.1 as their structure
grammar should be quite secure.
But there have probably been more vulnerabilities in ASN.1 based protocols
than any other. SO even a formal grammar is probably not good enough to define
"correct" input.


-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx] On
Behalf Of Jean-Denis Gorin
Sent: Monday, August 21, 2006 6:07 AM
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [fw-wiz] How automate firewall tests

On Fri, 18 Aug 2006 21:44
Strabla Ruggero wrote:

On Fri, 18 Aug 2006 10:17:13 +0200
Jean-Denis Gorin <jdgorin@xxxxxxxxxxxx> wrote:

The second point requires a tool able to *understand* a security
policy. And that requires a tool able to *model* a
security policy.

I think this would be great but a bit far from my possibility.

Formal langage could be a nice way to deal with that problem.
But that's another
story...



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards