Firewall Wizards mailing list archives

Re: A fun smackdown...

From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Fri, 20 May 2005 02:53:58 +0530

On 19/05/05 09:04 -0400, Paul D. Robertson wrote:

On Tue, 17 May 2005, Martin wrote:

"Be liberal in what you accept; be strict in what you send."


_All_ effective security controls break that tenet.  The more liberal your
controls, the more risk you assume.


Unless your control is a proxy, which must accept all kinds of crap, and
send only a stricly validated subset to the client.

The default application of the RFC791 quote is to outbound traffic from your
network, but nothing says that it cannot be applied the other way round.

In general, I agree with you though.

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: A fun smackdown..., (continued)
- - - Re: A fun smackdown... Chuck Swiger (May 21)
    - Re: A fun smackdown... Marcus J. Ranum (May 21)
    - RE: A fun smackdown... Bill Royds (May 24)
    - Re: A fun smackdown... Joseph S D Yao (May 20)
    - Re: A fun smackdown... Chuck Swiger (May 20)
    - Re: A fun smackdown... Joseph S D Yao (May 20)
    - Re: A fun smackdown... Devdas Bhagat (May 20)
    - Re: A fun smackdown... Carson Gaspar (May 20)
    - Re: A fun smackdown... Marcus J. Ranum (May 20)
    - RE: A fun smackdown... lordchariot (May 21)
    - Re: A fun smackdown... Devdas Bhagat (May 19)
    - Re: A fun smackdown... Martin (May 20)
- RE: A fun smackdown... FirewallAdmin (May 17)
- RE: A fun smackdown... Behm, Jeffrey L. (May 19)
  - RE: A fun smackdown... Paul D. Robertson (May 19)
- RE: A fun smackdown... Behm, Jeffrey L. (May 20)
- RE: A fun smackdown... Jeremiah Cornelius (May 21)
- A fun smackdown... David Wagner (May 21)
- RE: A fun smackdown... Marcus J. Ranum (May 24)
- Re: A fun smackdown... Jean-Denis Gorin (May 25)