Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: What is the difference between stateful packet filteringand Stateful pkt inspection ?

From: Darren Reed <darrenr () reed wattle id au>
Date: Wed, 5 Feb 2003 03:36:05 +1100 (EST)
In some email I received from Mikael Olsson, sie wrote:
[...]

.... which reminds me that I need to play TCP segmentation games 
with various HTTP filters. Muaha.


I did some work on one of these once and I took the attitude that
segmentation "games" and all the funny things that can happen (but
99% of the time don't in normal behaviour) were something that could
be just dropped on the floor.  Easier to get the user to hit "reload"
than try handle all the stupid cases that are only ever likely to
occur when someone is trying to bypass/confuse filters, etc.  Why
could w do that?  Well, when the outgoing proxy is on a locally
connected network and the proxying that is happening is outbound
connections only, everything should be smooth...

So I imagine it would be "Muaha" back :)

Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: