Re: [fw-wiz] Firewalls that generate new packets..

Not certain what you mean when you limit the discussion to Internet-enabled software vendors but I am pretty certain that everyone who runs an SSL VPN is running a proxy of some sort.

Aren't many VoIP-aware firewalls glorified SIP proxies that try to make SIP secure in the absence of anything in the session initiation protocol that one might consider a security feature? If I recall, SIP is one of the many IETF protocols that has a "Security" section that says, "yep, there are security issues with this protocol but hey, never let security stand in the way of a disruptive technology..."


Paul D. Robertson wrote:
On Mon, 19 Nov 2007, Paul Melson wrote:

and has a miniscule share of the total firewall market. Of course, Cisco,
Check Point, and most of their competitors have proxies. Proxy firewalls
are dead. Long live proxy firewalls.

But if my experience with Internet-enabled software vendors is anywhere near common, nobody's enablign the proxies.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
http://www.fluiditgroup.com/blog/pdr/
Art: http://PaulDRobertson.imagekind.com/

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

begin:vcard
fn:David Piscitello
n:Piscitello;David
adr;dom:;;3 Myrtle Bank Lane;Hilton Head;SC;29926
email;internet:dave@xxxxxxxxxxx
x-mozilla-html:FALSE
url:http://hhi.corecom.com/weblogindex.htm
version:2.1
end:vcard

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • [NEWS] SIP Packet Reloads IOS Devices Not Configured for SIP
    ... Get your security news from a reliable source. ... SIP Packet Reloads IOS Devices Not Configured for SIP ... Proto Remote Port Local Port In Out Stat TTY OutputIF ... Enter configuration commands, one per line. ...
    (Securiteam)
  • Re: Protocol Analysis
    ... Subject: Protocol Analysis ... Concerned about Web Application Security? ... testing and vulnerability management needs. ... most comprehensive solutions to meet your application security penetration ...
    (Pen-Test)
  • [fw-wiz] UNSUBSCRIBE
    ... (Paul D. Robertson) ... > fixup protocol icmp error ... >> isn't about the security properties of the control, ... errors in the firewall, configuration errors, and it then takes physical ...
    (Firewall-Wizards)
  • Re: 802.11i
    ... Access" and it is security "system" for wireless networks that employs ... While TKIP "Temporal Key Integrity Protocol" is actual protocol under ... safer to communicate using RC4 stream cipher, ... But that is WPA v1., which is done to be as an enhancement ...
    (Security-Basics)
  • RE: Ambiguities in TCP/IP - firewall bypassing
    ... T/TCP does indeed require multiple flags to be set ... simultaneously, however, it's also not a proven protocol. ... There's also a clear security issue with allowing one side of the ... standard TCP/IP it's relatively easy to spoof the source IP for the SYN ...
    (Bugtraq)