Firewall Wizards mailing list archives
Re: Applications Proxies
From: Jeff Newton <Jeff_Newton () pmc-sierra com>
Date: Thu, 20 Dec 2001 09:07:08 -0800
Would a HTTP proxy defend against the latest Microsoft IE vulnerabilty (MS01-058) that downloads and executes code due to modifications of content-disposition and content-type? Paul, can you recommend a few application-layer proxies that are robust and mature enough for enterprise deployment? Cheers, Paul Robertson wrote:
Sorry, I don't have stats, but I'd like to point out (just in case you're not aware) proxies are generally used to protect Web clients, not Web servers. Even in places where I've put in application layer gateways (and that tends to be >99% of places I've firewalled) to protect the enterprise, I tend to use filters for Web servers on the DMZ or service network. It cuts down on latency, support issues, and if there's a transport layer attack against your Web servers, you're going to patch it quickly anyway- and those aren't all that common compared to the set of successful attacks against Web servers overall, and so far they've all been DoS attacks unless you happen to have been running TCPDump on your Web server. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
-- Jeff Newton _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Applications Proxies Oscar Batyrbaev (Dec 19)
- Re: Applications Proxies Paul Robertson (Dec 20)
- Re: Applications Proxies Jeff Newton (Dec 20)
- Re: Applications Proxies Gary Flynn (Dec 22)
- Re: Applications Proxies Jeff Newton (Dec 20)
- Re: Applications Proxies Paul Robertson (Dec 20)