Firewall Wizards mailing list archives

Re: AW: Blocking Offensive Material(??) with Firewall

From: Jason Olsen <jolsen () dpg devry edu>
Date: Mon, 21 Jun 1999 10:52:13 -0500 (CDT)

On Fri, 18 Jun 1999, Kunz, Peter wrote:

Checkpoint's FireWall-1 package has a 'hook' for 3rd-party software.  They
allow the insertion of anyi-virus software, as well as content filtering.
Basically, IIRC, you specify a package that has a list (updated daily) of
all the 'objectionable content' sites they're aware of.  If the Firewall
sees a request to one of these sites, or material returning from one of
them, it is dropped.  Bear in mind these things:

      [Kunz, Peter]  Basically, this is trivial. I'd liek to see soemthing
dropping a connection absed on the stream content. Any chance we'll ever see
something liek that? The FW rule being:Drop all malicious JAVA code.


Actually, that feature already exists to some degree.  See
http://www.checkpoint.com/products/firewall-1/contsec.html
for further information on their Content Security hooks.  It says that it
can do a number of things.  It can strip Java applet tags from HTML pages,
strip Java applets from all server-to-client replies, block suspicious
back connections and rip out ActiveX (Huzzah) and Javascript.
Unfortunately, it can't really differentiate "malicious" code from any
other.  It's an all-or-none approach at the moment.

3)Blocking isn't a pure science.  They may add something to their
black-list because it has the word 'cervix' or the like, when it's a
legitimate site talking about uterine cancer.  Who knows how in depth they
investigate before adding it to their list.

      [Kunz, Peter]  Yeah, look at the case of that Cyberwatch company
also bannign gays, lesbians, balck rights, etc. Big scandal that somehow
never got too public...


I was waiting for something like that to happen...

-Jason

***************************************************************************
*Jason Olsen                              *  email: jolsen () dpg devry edu  *
*Internet Support Specialist              *********************************
******************************************* DeVry Institute of Technology *
*Phone: (630) 953-1300 x1716              * 1221 North Swift Road         *
*http://www.dpg.devry.edu/                * Addison, Illinois 60101       *
***************************************************************************

Current thread:

AW: Blocking Offensive Material(??) with Firewall Kunz, Peter (Jun 20)
- Re: AW: Blocking Offensive Material(??) with Firewall Jason Olsen (Jun 21)
- <Possible follow-ups>
- AW: Blocking Offensive Material(??) with Firewall Kunz, Peter (Jun 21)
- RE: AW: Blocking Offensive Material(??) with Firewall Darden, Frank (Jun 28)