>From a different Paul...
The problem is that many people notice that HTTP and SSL are allowed
through firewalls, they decide the best way to get nifty new service
through is to run it over HTTP or SSL. Many people avoid implementing
something like SMTP auth by running SMTP over SSL. Now say that you
want your firewall to scan for virii, trojans, whatever. How does it
do that?
For the truly amusing scenario, consider people who want to let MBONE
stuff, which is basically arbitrary IP packets encapsulated in a
unicast stream, through the firewall to a multicast server inside
your net that will strip the encapsulation and place the revealed
packets on your net. Does that make you feel comfortable about
letting it through your firewall?
-paul
Michael Sorbera wrote:
>
> Hello everyone,
> Paul, you mentioned that SSL was one of your "no's". Could you please explain to
> me how SSL can be used to encapsulate something? Also why the no? Please keep
> the explanation down to a level I can understand.
>
> Thanks all,
> Michael Sorbera
> Webmaster/Network Engineer
> Randolph-Brooks Federal Credit Union
> www.rbfcu.org
> [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
