Firewall Wizards mailing list archives
Re: RFC3514 - Evil Bit
From: "Paul D. Robertson" <proberts () patriot net>
Date: Tue, 8 Apr 2003 21:04:28 -0400 (EDT)
On Tue, 8 Apr 2003, Weil, Timothy R (BearingPoint) wrote:
Date: Tue, 8 Apr 2003 17:18:27 -0500
^[1]
How will the "evil bit" be manipulated to detected MALWARE directed at firewalls? ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt
Only one vendor has announced compliance, and AFAICT, the deadline for their release hasn't been reached yet. Also, there wasn't a mention of complying with the NAT provisions. What I think needs to happen is that you need to attend the working group session on the first anniversary to lobby for its implementation. Since it's obviously good enough for a standards track, maybe we'll see some significant official support by then...[2] Paul [1] It's really bad to drag the April Fools RFC out past the first. It's been a long week already though, so if we get some witty replies, I'll approve them. [2] I am actually hoping that the nmap patches get added as the default, just for amusement value, maybe it's time to code up an Ethereal patch... ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RFC3514 - Evil Bit Weil, Timothy R (BearingPoint) (Apr 08)
- Re: RFC3514 - Evil Bit Paul D. Robertson (Apr 08)
- Re: RFC3514 - Evil Bit Steven M. Bellovin (Apr 09)
- Sonicwall hangs - familiar? Dave Piscitello (Apr 19)
- RE: Sonicwall hangs - familiar? C. Worms (Apr 22)
- Re: RFC3514 - Evil Bit Steven M. Bellovin (Apr 09)
- Re: RFC3514 - Evil Bit Paul D. Robertson (Apr 08)
- Re: RFC3514 - Evil Bit Joseph S D Yao (Apr 09)
- <Possible follow-ups>
- RE: RFC3514 - Evil Bit Behm, Jeffrey L. (Apr 09)