Firewall Wizards mailing list archives

RE: AW: Blocking Offensive Material(??) with Firewall

From: "Darden, Frank" <fdarden () locked com>
Date: Fri, 25 Jun 1999 18:13:20 -0400

I would say that Security7 Safegate CVP seems to appropriately address this
issue. However, at this stage, I recommend that you strip anyway. I
recommend this to my customers too. The only ones that I have seen actually
implement stripping is major financial institutions that take sec.
seriously. 

-----Original Message-----
From: Kunz, Peter [mailto:Peter.Kunz () sisclear com]
Sent: Thursday, June 24, 1999 9:14 AM
To: 'Jason Olsen'; Kunz, Peter
Cc: Di Phelan; firewall-wizards () nfr net
Subject: AW: AW: Blocking Offensive Material(??) with Firewall

    [Kunz, Peter]  Basically, this is trivial. I'd liek to see soemthing
dropping a connection absed on the stream content. Any chance we'll ever

see

something liek that? The FW rule being:Drop all malicious JAVA code.


Actually, that feature already exists to some degree.  See
http://www.checkpoint.com/products/firewall-1/contsec.html
for further information on their Content Security hooks.  It says that it
can do a number of things.  It can strip Java applet tags from HTML pages,
strip Java applets from all server-to-client replies, block suspicious
back connections and rip out ActiveX (Huzzah) and Javascript.
Unfortunately, it can't really differentiate "malicious" code from any
other.  It's an all-or-none approach at the moment.

        [Kunz, Peter]  Ok, now this sounds one step better than blocking IPs
- thus making it seem quite practical.

3)Blocking isn't a pure science.  They may add something to their
black-list because it has the word 'cervix' or the like, when it's a
legitimate site talking about uterine cancer.  Who knows how in depth

they

investigate before adding it to their list.

    [Kunz, Peter]  Yeah, look at the case of that Cyberwatch company
also bannign gays, lesbians, balck rights, etc. Big scandal that somehow
never got too public...


I was waiting for something like that to happen...

        [Kunz, Peter]  1996: Solid Oaks Software's CyberSitter. The hidden
agenda was discovered by Cyberwire Dispatch. In Inetenet time, this happened
looooong ago :-))

        cu
        -pete

Current thread:

AW: Blocking Offensive Material(??) with Firewall Kunz, Peter (Jun 20)
- Re: AW: Blocking Offensive Material(??) with Firewall Jason Olsen (Jun 21)
- <Possible follow-ups>
- AW: Blocking Offensive Material(??) with Firewall Kunz, Peter (Jun 21)
- RE: AW: Blocking Offensive Material(??) with Firewall Darden, Frank (Jun 28)