Re: [fw-wiz] Firewall best practices
- From: Martin Barry <marty@xxxxxxxxxx>
- Date: Fri, 23 Apr 2010 10:46:03 +0200
$quoted_author = "Marcus J. Ranum" ;
That's why firewalls need to go back to doing what they
originally did, and parsing/analyzying the traffic that
flows through them, rather than "stateful packet
inspection" (which, as far as I can tell, means that
there's a state-table entry saying "I saw SYN!")
Marcus, are you referring to DPI or proxies or both or something else
entirely?
If the firewall doesn't understand the data it's passing,
it's not a firewall, it's a hub.
If an application emulates HTTPS traffic and is proxy aware, how do you tell
the difference?
cheers
Marty
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] Firewall best practices
- From: david
- Re: [fw-wiz] Firewall best practices
- From: Marcus J. Ranum
- Re: [fw-wiz] Firewall best practices
- References:
- Re: [fw-wiz] Firewall best practices
- From: Anton Chuvakin
- Re: [fw-wiz] Firewall best practices
- From: Jason Lewis
- Re: [fw-wiz] Firewall best practices
- From: Morty
- Re: [fw-wiz] Firewall best practices
- From: Martin Barry
- Re: [fw-wiz] Firewall best practices
- From: Marcus J. Ranum
- Re: [fw-wiz] Firewall best practices
- Prev by Date: Re: [fw-wiz] Looking for firewall mgmt solution
- Next by Date: Re: [fw-wiz] Firewall review tool for Junipers
- Previous by thread: Re: [fw-wiz] Firewall best practices
- Next by thread: Re: [fw-wiz] Firewall best practices
- Index(es):
Relevant Pages
|
