Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 27 Aug 2003 18:40:00 -0400
 Frederick M Avolio wrote:

Even on a firewall that proxies all of these, you're talking 25 or so proxies for H.323 and 5 (whiteboarding, file 
transfer, chat, etc.) for T.120.


At which point I gotta break out the old joke Fred and I used to share,
circa 1992:
        Q: "What do you call a firewall that proxies HTTP, telnet, ftp, rlogin, ping... etc..?"
        A: "A router."

Whiteboarding? File transfer? Chat? Why not remote disk format and
install, too?  I'm sure there are no security flaws at all in any of those
protocols or the implementations thereof...

This whole firewall "thing" has become an exercise in wishful-thinking
"have your cake and eat it too" -- and in the long run it's not going to
work. It only works now because the hackers aren't as smart as
they and the media think they are.

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: