Firewall Wizards mailing list archives
RE: GXD vs. SPF
From: "Stout, Bill" <StoutB () pios com>
Date: Mon, 28 Sep 1998 14:32:45 -0400
----- Original Message -----
<snip>
It is reminiscent of when HTTP first came and people had trouble with it because firewalls didn't support it. CERN came out with a "proxy". Well, all it did was allow HTTP traffic to pass from the inside to outside and back. There were no security features (and it was tens of thousands of lines of code). Of course, some services have no useful features that would make a real application gateway beneficial. When you see that a proxy is offered for
a
service but that all it is doing is, well, being a proxy, (like the
plug-gw
in the FWTK) the same service could be done as securely and faster with a SPF. Fred
<snip> That's what I'm interested in. With GXD and SPF, no attention is paid to application commands passed through (I'd be most interested to see what various vendor proxies do add, BTW). Does the SPF function add (to session state monitoring) anything that natural TCP sessions states don't? I thought SPF did unless marketing technical material, and earlier posts about SPF discussed enhancements to the SPF function such as programatically added (data field pattern matching) filters. The capability for enhancement could be argued as a natural feature of an architechture. That would explain the SPF/AG arguements. If SPF is only equivalent to (not better than) TCP session state tracking, then SPF belongs in an AG firewall to add session state to UDP generic proxies. The SPF vs. AG firewall arguement is similar to NT vs. UNIX security; in UNIX you turn things on until you're comfortable, and in NT you turn things off or patch until you're comfortable. Bill Stout ______________________________________________________________________ Another dangerous sig. (Global HERF beams) Navy's innocent HAARP site: http://www.haarp.alaska.edu/ Probable associated Patent: http://www.patents.ibm.com/details?patent_number=4686605 "...in Alaska, the right type of fuel...the right magnetic latitudes for the most efficient practice of this invention" "...ability to employ and transmit over very wide areas of the earth a plurality of electromagnetic waves...provides a unique ability to interfere with all modes of communications; land, sea, and/or air, at the same time...missile or aircraft destruction, deflection, or confusion...Weather modification is possible..." "...carry out a communications network even though the rest of the world's communications are disrupted...."
Current thread:
- GXD vs. SPF Stout, Bill (Sep 25)
- Re: GXD vs. SPF Paul D. Robertson (Sep 29)
- <Possible follow-ups>
- Re: GXD vs. SPF Ryan Russell (Sep 29)
- Re: GXD vs. SPF Frederick M Avolio (Sep 29)
- RE: GXD vs. SPF Stout, Bill (Sep 29)
- RE: GXD vs. SPF Ryan Russell (Sep 30)
- Re: GXD vs. SPF ark (Sep 30)