Firewall Wizards mailing list archives
SSL Vulnerabilities?
From: Kyle Starkey <KSTARKEY () altera com>
Date: Wed, 4 Aug 1999 12:05:18 -0700
I need someone to help me with a suggestion that was just made by my boss. It sounds OK to me, but after the whole "blocking ICMP" fiasco I started, I am looking for some suggestions.

I am currently managing a DMZ for customer support at my company. Our front-end firewall is an NT-based Gauntlet 5.0 with only the SSL port open to the internet. Since we are using the built-in SSL/Http-Proxy, with the HTTP port blocked, the firewall intercepts the SSL packets, changes the source IP address to its own and forwards the packets to the WebServer. The problem with this is that the webserver logs show the firewall as the only one accessing it. The Powers-that-Be would like to be able to see what pages are being accessed by what IP addresses.

Our thoughts were to simply disable the proxy and use packet filtering rules to manage the communications between the internet and the Webserver over the SSL port. Other than the fact that NT is a bad platform to sit your firewalls on, can anyone think of any reason why this might be a BAD idea?

Thanks for your help,

Kyle R. Starkey
Information Security Group
Altera Corporation