Firewall Wizards mailing list archives
Re: Firewall best practices
From: Andre Lima <andreflima () gmail com>
Date: Wed, 28 Apr 2010 20:58:29 +0100
With all due respect to Paul and Marcus, SSL is NOT crappy! Most bugs are implementation induced (openSSH or other less known) and the most known SSL strip vulnerability is not a problem of SSL but rather a user awareness issue, because if everyone payed attention to the 's' in https on their browser, that attack wouldn't be so troublesome.
With respect to the fact that encrypted traffic does go through a firewall with no inspection...well guess what: that means SSL is great since it's obviously performing its task well, which is maintain privacy of the traffic!
The issue here is mostly philosophical/political than technical. People demanded privacy and SSL delivered. One doesn't stop using the internet (or any other resource for that matter) just because it is also used by "bad guys".
Bottom line: SSL rocks!!! -- André Lima http://pt.linkedin.com/in/aflima _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewall best practices, (continued)
- Re: Firewall best practices Martin Barry (Apr 23)
- Re: Firewall best practices Marcus J. Ranum (Apr 26)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 28)
- Re: Firewall best practices david (Apr 26)
- Re: Firewall best practices John Morrison (Apr 27)
- Re: Firewall best practices Harrell, Matthew (Apr 27)
- Re: Firewall best practices Marcus J. Ranum (Apr 27)
- Re: Firewall best practices Paul D. Robertson (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 30)
- Re: Firewall best practices Andre Lima (Apr 30)
- Re: Firewall best practices Dave Piscitello (Apr 28)
- Re: Firewall best practices ArkanoiD (Apr 28)
- Re: Firewall best practices Nate Itkin (Apr 27)
- Re: Firewall best practices Dave Piscitello (Apr 27)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices Fetch, Brandon (Apr 27)
- Re: Firewall best practices lordchariot (Apr 28)
- Re: Firewall best practices Bruce B. Platt (Apr 30)
- Re: Firewall best practices Cian Brennan (Apr 28)
- Re: Firewall best practices Fetch, Brandon (Apr 28)