Re: [fw-wiz] SCADA



On Mon, Apr 27, 2009 at 1:09 PM, Jim Seymour <jseymour@xxxxxxxxxxx> wrote:

Dotzero <dotzero@xxxxxxxxx> wrote:
[snip]

or DNS

So-called "Janus DNS" solves this.  First described in print in
Cheswick & Bellovin's "Firewalls and Internet Security: Repelling
the Wily Hacker," I believe.


It's not just executable code. I do a DNS lookup to find out where to
connect to. The proxy passes the answer. It does not guarantee the
answer is correct. And for those who would point to DNSSEC, how many
domains currently sign? When will the root sign? When will .com sign?
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards