Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Protecting publicly reacheable servers (e.g. HTTP)?

From: "Marcus J. Ranum" <mjr () nfr com>
Date: Sun, 25 Nov 2001 22:52:44 -0500
ark () eltex ru wrote:

I am still trying to figure out how to prevent data-driven attacks
on proxy level.


I don't think it can be done. The only chance is to be super
restrictive in what you accept - to the point of accepting
nothing. If you do that, you generally defeat your objectives
if you're trying to actually exchange information with
someone. :(

mjr.

---
Marcus J. Ranum     Chief Technology Officer, NFR Security Inc.
Work:  http://www.nfr.com
Play: http://www.ranum.com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: