When ya disected the TIs proxies, what did ya find they actually did?
Thanks,
Ron DuFresne
On Wed, 8 Mar 2000, Ng, Kenneth (US) wrote:
>
>
> On Wednesday, March 08, 2000 3:34 PM, John Adams [SMTP:[EMAIL PROTECTED]]
> wrote:
> > On Wed, 8 Mar 2000, Ng, Kenneth (US) wrote:
> >
> > > You want the truth? I caught one major firewall vendor in a big lie
> over
> > > this one. Their so called proxy was nothing more than a transparent
> > > connection, yet when I asked them if I put a telnet daemon on another
> >
> > Very few firewalls actually check that the protocol travelling over a
> > particular port -really is- what the port is supposed to be used for.
>
> If this is the case, and I am at least partly inclined to believe it, then
> why do we have application proxy firewalls at all? I could save a fortune
> switching to CheckPoint or even a Cisco router with filtering.
>
> Also, this is another plug for Open Source. When I had the TIS, it came
> with the source code, I could see what it was doing, and several times I
> really did go in and trace through the logic (had to diagnose a problem, one
> version of Microsoft IIS always assumed that a response will come back in
> one packet. If the packet got broken up into two packets, perfectly legit
> TCP, IIS blew up).
>
>
> *****************************************************************************
> The information in this email is confidential and may be legally privileged.
> It is intended solely for the addressee. Access to this email by anyone else
> is unauthorized.
>
> If you are not the intended recipient, any disclosure, copying, distribution
> or any action taken or omitted to be taken in reliance on it, is prohibited
> and may be unlawful. When addressed to our clients any opinions or advice
> contained in this email are subject to the terms and conditions expressed in
> the governing KPMG client engagement letter.
> *****************************************************************************
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
