Firewall Wizards mailing list archives

RE: SSL


From: "Stefan Norberg" <stefan () orbisec com>
Date: Thu, 18 Oct 2001 01:00:45 +0200

Gary,

Just a quick question on SSL.  If I allow SSL outbound, and a user
browses a web site that is corrupt with something harmful like NIMDA, is it
possible that they will infect my network... and will the firewall not pass
it along without checking?

Yes. SSL is end-to-end; (browser) client to (web) server encryption. Nothing a
proxy or firewall can do here.

If true, how can I combat this?  Is there a product that will stop
the packets and inspect them before being returned to the requester?

Make sure that all clients have constantly updated anti-virus software and
latest security patches applied.
A somewhat painful option is also to consider only allowing SSL to certain
trusted websites.

Stefan

