It is very easy to let any protocol through most firewalls. But does the
protocol which itself is dangerous become less dangerous through that fact?
If you open everything what your users screem for than you do not really
need a firewall.
[EMAIL PROTECTED] (Larry Claman) writes:
> For what it's worth, ICA uses a single TCP port, so it should be very easy to
> add support under Gauntlet or other proxy based firewalls using a plug-proxy.
>
> Many firewall vendors (NAI included) list a whole bunch of "supported"
> applications that they proxy, but in reality these are just preconfigured
> plug-proxies, with no real application awareness. IMHO, these vendors
> should distinguish when the proxy is doing real application filtering (i.e.,
> http-gw on Gauntlet) versus just plugging the port.
have fun ...
--
=========================================================================
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
Internet Security Services Fax ++41 52 620 26 54
CH-8200 Schaffhausen http://www.bruderer-research.com
=========================================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
