Re: [fw-wiz] IPS Content filtering techniques



Well, what's the purpose of getting those null data through?
Why do you need it?

On Wed, Aug 15, 2007 at 03:35:24PM +0200, Skough Axel U/IT-S wrote:

Does really nobody know anything about a Web proxy product filtering on MIME Content-Type setting and capable to omit this check when the MIME Content-Length setting in force appears to be zero? The RFC 2616 states that the Content-Type header statement can be omitted in this situation and, indeed, it has no meaning as the data section is declared to be of length zero.

Otherwise the data section should of course be in general be assumed to be of type "application/octet-stream" but when no data section is present it is obviously no problem in bypassing the Content-Type check! Thus, there are no data to prevent entering for in this situation, but the packet in force may have othre meanings such as redirect etc.

I would appreciate any comments in this matter!

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards