Re: [fw-wiz] Firewall best practices
- From: "Marcus J. Ranum" <mjr@xxxxxxxxx>
- Date: Thu, 22 Apr 2010 09:17:35 -0500
Martin Barry wrote:
> ...and every app that wants to work around a firewall just encrypts its
> traffic and runs the server on port 443.
That's why firewalls need to go back to doing what they
originally did, and parsing/analyzing the traffic that
flows through them, rather than "stateful packet
inspection" (which, as far as I can tell, means that
there's a state-table entry saying "I saw SYN!")
If the firewall doesn't understand the data it's passing,
it's not a firewall, it's a hub.
mjr.
--
Marcus J. Ranum CSO, Tenable Network Security, Inc.
http://www.tenablesecurity.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards