At 05:20 PM 5/22/2001 -0500, Ron DuFresne wrote:
>Which, again, brings up an oft asked question, still left unanswered:
>
>How deeply do application proxies actually look into the packets? What
>degree do the major players go to to determine what is and is not
>acceptable? How many actually look deeper than the packet headers? How
>many look at more than the mere headers after the first packet or two?

Anywhere from complete analysis of the protocol to none at all.
A generic service proxy, like plug-gw, doesn't look at the traffic at all.
A service-specific proxy, like ftp-gw, participates in the protocol and can
block attacks like fake "PORT" commands embedded in responses.

>Does there yet exist a comparison of the various application proxies in
>this regard online? Something more tangible than the marketing hype of
>the sales lizards that is...

That's doubtful - it'd be a lot of work to gather the information; the
marketing folks wouldn't want too many details of their weaknesses to
become public information.
-Rick
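
The contrast drawn in the reply above, as an added example that is not part of the original message and is not code from plug-gw or ftp-gw: a generic relay forwards control-channel lines unseen, while a protocol-aware relay tracks which side is speaking and accepts PORT only as a well-formed client command. The function names, the session data and the address/port policy are assumptions made for this sketch.

```python
import re

# "PORT h1,h2,h3,h4,p1,p2" as one complete command line (RFC 959 syntax).
PORT_CMD = re.compile(r"PORT " + ",".join([r"(\d{1,3})"] * 6), re.IGNORECASE)

def generic_relay(sender, line, client_ip):
    """Generic plug-style relay: every line is forwarded uninspected."""
    return "forward", None

def ftp_aware_relay(sender, line, client_ip):
    """Protocol-aware relay: returns (action, permitted data endpoint or None)."""
    text = line.rstrip("\r\n")
    if sender == "server":
        # Server lines are replies; their text is never parsed as a command.
        return "forward", None
    if not text.upper().startswith("PORT"):
        return "forward", None          # other client commands: out of scope here
    m = PORT_CMD.fullmatch(text)
    if m is None:
        return "reject", None           # malformed PORT argument
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return "reject", None
    host = ".".join(map(str, nums[:4]))
    port = nums[4] * 256 + nums[5]
    # Assumed policy for this sketch: the data connection must go back to the
    # connected client, on an unprivileged port.
    if host != client_ip or port < 1024:
        return "reject", None
    return "forward", (host, port)

def permitted_endpoints(relay, session, client_ip):
    """Data-channel endpoints the relay would agree to open for a session."""
    found = []
    for sender, line in session:
        _action, endpoint = relay(sender, line, client_ip)
        if endpoint is not None:
            found.append(endpoint)
    return found

# Constructed control-channel session (documentation addresses, not real traffic).
CLIENT_IP = "192.0.2.10"
SESSION = [
    ("client", "USER anonymous\r\n"),
    ("server", "331 Guest login ok, send your e-mail address as password.\r\n"),
    ("client", "PORT 192,0,2,10,19,137\r\n"),      # genuine, port 5001
    ("server", "200 PORT command successful.\r\n"),
    ("server", "PORT 192,0,2,10,0,23\r\n"),        # PORT text inside a response
    ("client", "PORT 198,51,100,7,19,137\r\n"),    # address is not the client's
]
```

Calling permitted_endpoints(ftp_aware_relay, SESSION, CLIENT_IP) yields only the client's own endpoint on port 5001; the generic relay yields nothing because it has no view of the protocol at all.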