Firewall Wizards mailing list archives
Re: Proxy 2.0 secure? (AG vs. SPF)
From: "Ryan Russell" <ryanr () sybase com>
Date: Tue, 7 Jul 1998 09:55:03 -0700
I'm repeating myself a bit here because of some lag in messages getting to list members, but... I claim that any IP handling software that isn't part of the OS, and hence isn't usable by the OS, is a type of SPF. So, for example, if one believes that the exercise of taking a good IP stack and making it a standalone application can be accomplished without introducing significant bugs, then you have an excellent starting point.

I don't believe that SPFs have to be written as state machines. The "state" in SPF comes from the fact that the big brothers of traditional PFs keep "state" about previous packets... not that they necessarily use a state mechanism to do so.

Wouldn't having the IP stack not effectively running as root be an improvement? Couldn't there be some useful security information gleaned by not throwing away bits of information that are tossed currently by the barrier between IP stack and app logic that is the sockets API?

Ryan

Bennett Todd <bet () mordor net> on 07/07/98 08:56:32 AM
To: Ryan Russell/SYBASE, tqbf () pobox com
cc: firewall-wizards () nfr net
Subject: Re: Proxy 2.0 secure? (AG vs. SPF)

1998-06-30-10:12:01 Ryan Russell:
--- but they have increased vulnerability to problems in other IP
--- stacks, because they are allowing remote hosts to communicate directly
--- with those stacks.

I disagree with this assumption. Current SPF implementations do this. It
doesn't mean someone couldn't write a better one.
In other words, you're banking your arguments about the superiority of stateful packet filtering on the fantasy that someone will write an SPF that does fragment reassembly, options stripping, and all the other implicit cleanup that's done by the IP stacks for application gateways. Go for it. Maybe you're right; people have wasted the time and effort to write some amazingly awful dreck, and people continue to waste even more time and effort attempting to run it; there are a lot of sick pups out there. But I'll betcha that even if someone _does_ what you propose --- write an entire IP stack, with application proxies and everything, as state transition rules for an SPF --- that the result will not be more secure than current application gateway firewalls. Rather, you'll have a vastly more complex implementation, which means more bug-ridden, and far harder to maintain and enhance in the face of changing demands. That definitely sounds like a market-leading product in today's market, I'll agree. I still won't use it. And I won't expect it to be more secure.
-Bennett
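Added illustration of the point both posters circle around (the "implicit cleanup" an IP stack does before an application gateway ever sees a packet, which a stateful filter has to do for itself): a toy stateful filter that reassembles fragments before judging a transport header, and admits inbound traffic only for flows first seen leaving the inside. This is editor-written example code, not anything from the thread; it assumes byte-granular fragment offsets and a constructed 4-byte "source port, destination port" header instead of a real TCP header.

```python
import struct
from dataclasses import dataclass

@dataclass(frozen=True)
class Fragment:
    src: str
    dst: str
    ident: int      # IP identification field shared by all pieces of a datagram
    offset: int     # byte offset of this piece (simplified: real IP uses 8-byte units)
    more: bool      # "more fragments" flag
    payload: bytes

class Reassembler:
    """Collects pieces per (src, dst, ident); yields the datagram only when complete."""
    def __init__(self):
        self.pending = {}

    def add(self, frag):
        key = (frag.src, frag.dst, frag.ident)
        parts = self.pending.setdefault(key, {})
        parts[frag.offset] = frag
        expect, saw_last = 0, False
        for off in sorted(parts):
            if off != expect:          # a gap: keep waiting for the missing piece
                return None
            expect += len(parts[off].payload)
            saw_last = not parts[off].more
        if not saw_last:
            return None
        del self.pending[key]
        return b"".join(parts[o].payload for o in sorted(parts))

class StatefulFilter:
    """Never judges a header it has not fully reassembled; tracks outbound flows."""
    def __init__(self, inside_prefix):
        self.inside = inside_prefix
        self.flows = set()             # (inside_ip, outside_ip, inside_port, outside_port)
        self.reasm = Reassembler()

    def handle(self, frag):
        data = self.reasm.add(frag)
        if data is None:
            return "hold"
        if len(data) < 4:
            return "drop"              # too short to carry the constructed port header
        sport, dport = struct.unpack("!HH", data[:4])   # constructed 4-byte header
        if frag.src.startswith(self.inside):
            self.flows.add((frag.src, frag.dst, sport, dport))
            return "pass"
        if (frag.dst, frag.src, dport, sport) in self.flows:
            return "pass"
        return "drop"
```

The "hold" result is the design point: a filter that evaluated each fragment on its own would be applying policy to a header it can only see in one piece of the datagram.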