Security Basics mailing list archives

Re: Protocol enforcement


From: private private <securecure () gmail com>
Date: Tue, 10 Mar 2009 23:53:29 +0200

Sometimes legitimate devices that are incorrectly configured can cause
protocol violations by sending, for instance, a doubled-up SOAP envelope in
the HTTP body. Identify the node(s) sending the traffic and the software
creating the requests, then run something like Fiddler or WebScarab on
the host to identify what is wrong with the traffic. Correct the
problem and then you don't have to reduce security.

On 3/10/09, Javier Reyna <jreyna () onlinet com mx> wrote:
So? What is most important for you? Security or Availability?
On Fri, Mar 06, 2009 at 05:42:27PM -0000, myauthoritah () gmail com wrote:
I have an environment where Checkpoint Smart Defense is causing problems
with SSL web traffic. The specific SSL traffic does not appear to be RFC
compliant (big surprise). Protocol enforcement of 443 is a problem.

How much risk would I be accepting by shutting down the protocol
enforcement on the Checkpoint?

Googling did very little to help.

Security is getting in the way of availability.

VR, Slinger

--
Regards!
________________

Javier Reyna
CCSE WCSE ISS-CS NSP JNCIA-FWV
Security Consultant
jreyna () onlinet com mx
www.onlinet.com.mx
 ,,__
 o" )~
 ''''


-- 
Sent from my mobile device
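
The doubled-up SOAP envelope mentioned in the reply above can be checked for in a request body saved from an intercepting proxy. This is an added example, not part of the original message; the function names and the sample request are constructed for illustration.

```python
import xml.parsers.expat

SOAP_NS = {"http://schemas.xmlsoap.org/soap/envelope/",   # SOAP 1.1
           "http://www.w3.org/2003/05/soap-envelope"}     # SOAP 1.2

def http_body(raw: bytes) -> bytes:
    """Body of a raw HTTP message: everything after the first blank line."""
    _, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator")
    return body

def count_envelopes(body: bytes) -> tuple:
    """Return (top_level, nested) SOAP Envelope counts found in body."""
    counts = {"top": 0, "nested": 0}
    rest = body.strip()
    while rest:
        state = {"depth": 0, "root_end": None}
        parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")

        def start(name, attrs):
            ns, _, local = name.rpartition(" ")
            if local == "Envelope" and ns in SOAP_NS:
                counts["top" if state["depth"] == 0 else "nested"] += 1
            state["depth"] += 1

        def end(name):
            state["depth"] -= 1
            if state["depth"] == 0:   # offset of the root's closing tag
                state["root_end"] = parser.CurrentByteIndex

        parser.StartElementHandler, parser.EndElementHandler = start, end
        try:
            parser.Parse(rest, True)
            break                      # one well-formed document left
        except xml.parsers.expat.ExpatError:
            if state["root_end"] is None:
                raise ValueError("body is not XML")
            # Data follows a complete document: skip it and parse the rest.
            cut = rest.index(b">", state["root_end"]) + 1
            rest = rest[cut:].lstrip()
    return counts["top"], counts["nested"]

# Constructed sample: a client that serialises its envelope twice.
ENV = (b'<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
       b"<soap:Body><Ping/></soap:Body></soap:Envelope>")
REQUEST = (b"POST /svc HTTP/1.1\r\nHost: app.example\r\n"
           b"Content-Type: text/xml\r\n\r\n" + ENV + b"\n" + ENV)

if __name__ == "__main__":
    print(count_envelopes(http_body(REQUEST)))
```

A result other than one top-level and zero nested envelopes points at the client software that built the request, which is where the fix belongs.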

