<snip>
> For the majority of protocols I think it is a smart packet
> filter. Further I
> don't think FW-1 stops a connection if you start a telnet session
> on port 80
> if you don't use the security server. In my opinion this was the original
> question.
You're right here Heiko. Without security servers, you can basically tunnel
over port 80 not of http contents. I tried it before btw. That's one of the
reason why I dislike https... another damn hole if you ask me. Unless we go
for the proxy auth thing but then users would be screaming everywhere.
> Without security server FW-1 behaves strongly like a smart packet filter.
>
>
> Heiko Ploehn
>
Rgrds,
Wong.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
