Re: RFC3514 - Evil Bit

["Paul D. Robertson" <proberts () patriot net>]

On Tue, 8 Apr 2003, Weil, Timothy R (BearingPoint) wrote:

> Date: Tue, 8 Apr 2003 17:18:27 -0500
             ^[1]
>     How will the "evil bit" be manipulated to detected MALWARE directed
>     at firewalls?  ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt

Only one vendor has announced compliance, and AFAICT, the deadline for 
their release hasn't been reached yet.  Also, there wasn't a mention of 
complying with the NAT provisions.

What I think needs to happen is that you need to attend the working group 
session on the first anniversary to lobby for its implementation.  Since 
it's obviously good enough for a standards track, maybe we'll see some 
significant official support by then...[2]


Paul
[1] It's really bad to drag the April Fools RFC out past the first.  It's 
been a long week already though, so if we get some witty replies, I'll 
approve them.
[2] I am actually hoping that the nmap patches get added as the default, 
just for amusement value, maybe it's time to code up an Ethereal patch... 
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards