Firewall Wizards mailing list archives

Re: Firewall best practices


From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 22 Apr 2010 09:17:35 -0500

Martin Barry wrote:
...and every app that wants to work around a firewall just encrypts its
traffic and runs the server on port 443.

That's why firewalls need to go back to doing what they
originally did, and parsing/analyzing the traffic that
flows through them, rather than "stateful packet
inspection" (which, as far as I can tell, means that
there's a state-table entry saying "I saw SYN!")

If the firewall doesn't understand the data it's passing,
it's not a firewall, it's a hub.

mjr.
--
Marcus J. Ranum         CSO, Tenable Network Security, Inc.
                        http://www.tenablesecurity.com
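
Added example, not part of the original message or from either poster: a sketch contrasting a port/state-table verdict with one that parses the first bytes of a TCP/443 flow as a TLS ClientHello. The function names and sample payloads are constructed for illustration, and the parser assumes the first TLS record arrives reassembled with the ClientHello in a single record.

```python
import struct

def stateful_verdict(dst_port, allowed_ports=(443,)):
    """Port/state-table decision: the payload is never examined."""
    return "allow" if dst_port in allowed_ports else "deny"

def looks_like_tls_client_hello(payload: bytes) -> bool:
    """True if the flow's first bytes parse as a TLS ClientHello record.
    Assumption: the whole first record is present and holds the ClientHello."""
    if len(payload) < 9:
        return False
    ctype, major, minor, rec_len = struct.unpack("!BBBH", payload[:5])
    if ctype != 22 or major != 3 or minor > 3:      # 22 = handshake record
        return False
    if rec_len < 4 or rec_len > 16384 or len(payload) < 5 + rec_len:
        return False
    hs_type = payload[5]
    hs_len = int.from_bytes(payload[6:9], "big")
    return hs_type == 1 and hs_len + 4 <= rec_len   # 1 = ClientHello

def parsing_verdict(dst_port, payload):
    """Port check first, then require the payload to be what the port implies."""
    if stateful_verdict(dst_port) == "deny":
        return "deny"
    return "allow" if looks_like_tls_client_hello(payload) else "deny"

def build_sample_client_hello() -> bytes:
    """Constructed minimal ClientHello (no extensions), for the demo only."""
    body = (b"\x03\x03" + bytes(32)      # legacy_version, random
            + b"\x00"                    # empty session id
            + b"\x00\x02\x13\x01"        # one cipher suite
            + b"\x01\x00")               # null compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

# Constructed sample flows, both addressed to port 443.
SAMPLE_TLS = build_sample_client_hello()
SAMPLE_NOT_TLS = b"SSH-2.0-OpenSSH_8.9\r\n"

if __name__ == "__main__":
    for name, data in (("tls", SAMPLE_TLS), ("not-tls", SAMPLE_NOT_TLS)):
        print(name, "stateful:", stateful_verdict(443),
              "parsing:", parsing_verdict(443, data))
```

This validates handshake framing only; inspecting what the session carries requires the firewall to terminate TLS as a proxy.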