Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IE is just as safe as FireFox

From: DanB UK <danbuk () gmail com>
Date: Thu, 25 Nov 2004 10:03:27 +0000
Hi,

Agreed. But if the idea is to protect your internal clients from your
intranet web servers, the proxy isn't doing much for you. Plus again,
someone can just configure their machine to not use the proxy as mentioned
previously. If the machines are available on the public intranet without
having to go through some firewall, you can't slap much of a guarantee on
things not reaching them except via your proxy. You mention setting up
routing ACL policies for HTTP traffic further down. This isn't something
that is reasonable to manage in a large organization and does nothing from
stopping people from selecting alternate ports.


Well if you stick a firewall inbetween and limit to only 80/443 and
then redirect the requests to a web proxy(I know there are issues with
https proxying, like MTM). Then you can filter/drop do what ever you
like.

Cheers,
Dan.

-- 
DanB UK
London, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: