On Wed, 23 May 2001, Rick Murphy wrote:
> At 05:20 PM 5/22/2001 -0500, Ron DuFresne wrote:
> >Which, again, brings up an oft asked question, still left unanswered:
> >
> >How deeply do application proxies actually look into the packets? What
> >degree do the major players go to to determine what is and is not
> >acceptable? How many actually look deeper than the packet headers? How
> >many look at more than the mere headers after the first packet or two?
>
> Anywhere from complete analysis of the protocol to none at all.
> A generic service proxy, like plug-gw, doesn't look at the traffic at all.
> A service specific proxy, like ftp-gw, participates in the protocol and can
> block attacks like fake "PORT" commands embedded in responses.

Again though, this makes one wonder how many commercial proxies might well
be mere plug-gw's...

>
> >Does there yet exist a comparison of the various application proxies in
> >this regard online? Something more tangible than the marketing hype of
> >the sales lizards that is...
>
> That's doubtful - it'd be a lot of work to gather the information; the
> marketing folks wouldn't want too many details of their weaknesses to
> become public information.

Understood, yet, sure would work to help 'filter out' which organisations
are actually providing something worthwhile rather than mere snakeoil.

Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
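
An added illustration, not part of the original message and not code from ftp-gw or any product: the kind of direction-aware control-channel check a service-specific FTP proxy can apply and a generic plug proxy, which only copies bytes, cannot. The class name, method names and addresses are assumptions made up for the example.

```python
import re
# Added illustration; ControlChannel and its methods are hypothetical names.

def parse_hostport(arg):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip, port); None if malformed."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        return None
    n = [int(p) for p in parts]
    return ".".join(str(v) for v in n[:4]), n[4] * 256 + n[5]

class ControlChannel:
    """State for one proxied FTP control connection."""
    def __init__(self, client_ip, server_ip):
        self.client_ip, self.server_ip = client_ip, server_ip
        self.pasv_pending, self.multiline = False, None
        self.allowed = []  # data endpoints the proxy would permit

    def from_client(self, line):
        verb, _, arg = line.strip().partition(" ")
        if verb.upper() == "PASV":
            self.pasv_pending = True
        elif verb.upper() == "PORT":
            hp = parse_hostport(arg)
            # The data endpoint must be the client itself, on an unprivileged port.
            if hp is None or hp[0] != self.client_ip or hp[1] < 1024:
                return "deny"
            self.allowed.append(hp)
        return "forward"

    def from_server(self, line):
        m = re.match(r"(\d{3})([ -])", line)
        if self.multiline:  # body of a multi-line reply: text only, never interpreted
            if m and m.group(1) == self.multiline and m.group(2) == " ":
                self.multiline = None
            return "forward"
        if not m:
            return "deny"  # the server side may only send replies, never commands
        if m.group(2) == "-":
            self.multiline = m.group(1)
            return "forward"
        if m.group(1) == "227":
            pm = re.search(r"\(([\d,]+)\)", line)
            hp = parse_hostport(pm.group(1)) if pm else None
            if not self.pasv_pending or hp is None or hp[0] != self.server_ip:
                return "deny"  # unsolicited, malformed, or third-party address
            self.pasv_pending = False
            self.allowed.append(hp)
        return "forward"
```

Text that merely looks like a command inside a server reply is forwarded as text and never changes `allowed`, which is the difference between participating in the protocol and matching strings in packets.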