>>>>> "Mark" == Mark E Drummond <[EMAIL PROTECTED]> writes:
Mark> Wrong. An application proxy will analyze packet contents and nix
Mark> anything that is not cosher with the expected protocol. Including
Mark> unintelligle "encrypted" traffic.
<snort> If you believe that, I have a bridge to sell you...
IP over e-mail has been implemented. Do you allow e-mail? Then I can tunnel
connections. You can _never_ stop covert channels - there are too damn many
ways to get information out. You can try to eliminate tham, and make your
users do more and more bizarre things. Or you can figure out what they need
to get done, and come up with an acceptable means of so doing.
--
Carson Gaspar -- [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
http://www.cs.columbia.edu/~carson/home.html
Queen Trapped in a Butch Body
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
