Firewall Wizards mailing list archives
IIS buffer overflows and firewalls
From: Joseph Steinberg <Joseph () whale-com com>
Date: Thu, 10 May 2001 11:52:32 -0400
The application-control engine of Air Gap technology is designed to allow you to generate granular rules for the application at hand, without arbitrarily selecting a maximum length (although you can also set length requirements). The filtering takes place behind a physical disconnection (and secure reverse proxy). Inspection can be based on examining the URL itself, the parameters, the HTTP methods, etc. - both length and values can be examined, and only acceptable URLs are allowed to pass to the server. It all happens on the safe side of the air gap, so hackers cannot bypass the inspection. You do not need to restrict all of the URLs with global rules -- you can set rules per URL as well. The rules would be based upon what the back-end applications support; in fact, you could even "record" legitimate usage of the application and have the system generate rules for you (which you can tweak as necessary). -- Joseph Steinberg
_.._
(_.-.\ Joseph Steinberg .-, ` Director of Technical Services .--./ / _.-""-. Whale Communications '-. (__..-" \ \ a | joseph () whale-com com ',.__. ,__.-'/ (201) 947-9177 x1511 '--/_.'----'` http://www.whalecommunications.com Register for a live web demo of Whale's e-Gap System (http://www.whalecommunications.com/forum) Tuesday, May, 22, 2001; 12:00 pm Eastern Time; 11:00 am Central Time; 9:00 am Pacific Time. Visit us at Booth 7215 at Networld+InterOp in Las Vegas, May 8-10.
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- IIS buffer overflows and firewalls Joseph Steinberg (May 11)
- <Possible follow-ups>
- RE: IIS buffer overflows and firewalls Michael D. Nickle (May 25)