Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-24 Thread Bryan Irvine
having also not read the book, my guess would be that a transparent proxy + firewall would increase security because people don't have the option to run SSH tunnels via the HTTP port. A good example would be years ago I ran a sock4 proxy on port 80 on my home firewall to allow me to download

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-24 Thread Ryan McBride
On Mon, Mar 24, 2008 at 12:15:55AM -0700, Bryan Irvine wrote: having also not read the book, my guess would be that a transparent proxy + firewall would increase security because people don't have the option to run SSH tunnels via the HTTP port. A good example would be years ago I ran a

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-23 Thread Ed Flecko
The book is called Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) - http://www.amazon.com/Counter-Hack-Reloaded-Step-Step/dp/0131481045/ref=pd_bb s_1?ie=UTF8s=booksqid=1206284032sr=8-1 The author makes several references to proxy firewalls and

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-23 Thread System Administrator
On 23 Mar 2008 at 7:58, Ed Flecko wrote: The book is called Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) - http://www.amazon.com/Counter-Hack-Reloaded-Step-Step/dp/0131481045/re f=pd_bb s_1?ie=UTF8s=booksqid=1206284032sr=8-1 The

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-23 Thread Ed Flecko
In one section of the book (Page 301) the author contrasts nmap to Firewalk. He says, nmap cannot differentiate between what is open on an end machine and what is being firewalled. Firewalk, on the other hand, can determine if a given port is allowed through a packet-filtering device. With this

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-23 Thread Stuart Henderson
On 2008-03-23, Ed Flecko [EMAIL PROTECTED] wrote: He then shortly thereafter says, Firewalk even works against traditional and stateful packet filters, which both just decrement the TTL by one. However, Firewalk does not work against proxy based firewalls, because proxies do not forward

Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Ed Flecko
Hi folks, I'm reading a book on network security and it mentions proxy firewalls, so I'm wondering if an OpenBSD box with Squid installed would fit this description? Or, are there other proxy firewalls the author is referring to? The book mentions that although proxy firewalls tend to slow

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Denise H. G.
Ed Flecko [EMAIL PROTECTED] writes: Hi folks, I'm reading a book on network security and it mentions proxy firewalls, so I'm wondering if an OpenBSD box with Squid installed would fit this description? Or, are there other proxy firewalls the author is referring to? The book mentions that

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Lars Noodén
Ed Flecko wrote: I'm reading a book on network security and it mentions proxy firewalls ... are there other proxy firewalls the author is referring to? Which book? Title, author, ISBN would help. Or send a link to a review. As a matter of curiosity, has anyone run an nmap scan against an

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Almir Karic
On Fri, Mar 21, 2008 at 9:27 PM, Ed Flecko [EMAIL PROTECTED] wrote: Hi folks, I'm reading a book on network security and it mentions proxy firewalls, so I'm wondering if an OpenBSD box with Squid installed would fit this description? Or, are there other proxy firewalls the author is

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Ed Flecko
I have not yet fully researched the PF functionality of OpenBSD, so I'm therefore guessing that the PF feature adds stateful packet inspection to an OpenBSD box. With that assumption, I guess I'm thinking PF and Squid (which works at the application layer of the OSI stack) would make a pretty

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread bofh
On Sat, Mar 22, 2008 at 10:50 AM, Ed Flecko [EMAIL PROTECTED] wrote: I have not yet fully researched the PF functionality of OpenBSD, so I'm therefore guessing that the PF feature adds stateful packet inspection to an OpenBSD box. With that assumption, I guess I'm thinking PF and Squid

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Lars Noodén
Ed Flecko wrote: I have not yet fully researched the PF ... wonder if PF would analyze the incoming data stream first and then Squid, or would that be Squid first and then PF? It seems that you would benefit from beginning that research, sooner rather than later. Reading any material at all

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread Jon
Just like pfsync makes router fail-over possible when combined with CARP, is there a similar mechanism that could be used between two OpenBSD routers to provide fail-over for squid? If the squid machines I have to deal with over here could be replaced with OpenBSD boxes I could just casually

Re: Would OpenBSD and Squid be considered a Proxy Firewall?

2008-03-22 Thread bofh
On Sat, Mar 22, 2008 at 4:07 PM, Jon [EMAIL PROTECTED] wrote: Just like pfsync makes router fail-over possible when combined with CARP, is there a similar mechanism that could be used between two OpenBSD routers to provide fail-over for squid? You would be well served by doing some research