Firewall Wizards mailing list archives
Re: RFC3514 - Evil Bit
From: "Steven M. Bellovin" <smb () research att com>
Date: Wed, 09 Apr 2003 10:39:36 -0400
In message <Pine.LNX.4.33.0304082050140.21230-100000 () gargoyle users patriot net
, "Paul D. Robertson" writes: On Tue, 8 Apr 2003, Weil, Timothy R (BearingPoint) wrote:Date: Tue, 8 Apr 2003 17:18:27 -0500^[1]How will the "evil bit" be manipulated to detected MALWARE directed at firewalls? ftp://ftp.rfc-editor.org/in-notes/rfc3514.txtOnly one vendor has announced compliance, and AFAICT, the deadline for their release hasn't been reached yet. Also, there wasn't a mention of complying with the NAT provisions. What I think needs to happen is that you need to attend the working group session on the first anniversary to lobby for its implementation. Since it's obviously good enough for a standards track, maybe we'll see some significant official support by then...[2]
I've gotten some amazing responses, with not a few from people who took it seriously. See http://www.research.att.com/~smb/3514.html for a summary. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com (2nd edition of "Firewalls" book) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RFC3514 - Evil Bit Weil, Timothy R (BearingPoint) (Apr 08)
- Re: RFC3514 - Evil Bit Paul D. Robertson (Apr 08)
- Re: RFC3514 - Evil Bit Steven M. Bellovin (Apr 09)
- Sonicwall hangs - familiar? Dave Piscitello (Apr 19)
- RE: Sonicwall hangs - familiar? C. Worms (Apr 22)
- Re: RFC3514 - Evil Bit Steven M. Bellovin (Apr 09)
- Re: RFC3514 - Evil Bit Paul D. Robertson (Apr 08)
- Re: RFC3514 - Evil Bit Joseph S D Yao (Apr 09)
- <Possible follow-ups>
- RE: RFC3514 - Evil Bit Behm, Jeffrey L. (Apr 09)