On Tue, Jan 23, 2001 at 12:49:39PM -0600, Ron DuFresne wrote:
> To what degree though is the packet inspection?
You can script it. The degree is much lesser than checkpoint is claiming
(proofed by ICMP statelessness, by FTP Port Attacks and so on).
It is actually in the default scripots not very secure (remeber the
mime/outlook buffer overrun, of course not trapped by statefull inspection).
So the question is, if one needs more than just "peeking" into the
protocols. And if yes, if a transparent application proxy isnt the better
idea.
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
