Firewall Wizards mailing list archives
Re: Update on the "Multiple Firewalls FTP PASV" vulnerability
From: dwelch () uswestmail net
Date: 5 Mar 2000 23:20:24 -0800
On Fri, 03 March 2000, Mikael Olsson wrote:
... speaking of which... shouldn't firewalls that look at the application layer packet by packet instead be claiming "Application Layer Inspectors" or "Appliction Layer Filters" rather than "Application Layer Gateways"... ?
I tend to associate the term "application layer gateway" with an actual proxy. FireWall-1 does have these proxies for FTP, HTTP, telnet, and rlogin. However, unless you are doing User Authentication or Content Security on FireWall-1, these are not used. FireWall-1 is kind of a hybrid in this respect. -- PhoneBoy -- Dameon D. Welch, a.k.a. PhoneBoy (dwelch () phoneboy com) Check Point FireWall-1 FAQs at http://www.phoneboy.com/fw1/ The views expressed herein are not necessarily those of anyone else. -- Signup for your free USWEST.mail Email account http://www.uswestmail.net
Current thread:
- Update on the "Multiple Firewalls FTP PASV" vulnerability Mikael Olsson (Mar 05)
- <Possible follow-ups>
- Re: Update on the "Multiple Firewalls FTP PASV" vulnerability dwelch (Mar 06)