Firewall Wizards mailing list archives
Re: How automate firewall tests
From: "Paul D. Robertson" <paul () compuwar net>
Date: Mon, 21 Aug 2006 09:15:42 -0400 (EDT)
On Mon, 21 Aug 2006, Tim Shea wrote:
And you can equally argue that proxies were never good to begin with. Really - the majority of applications out there have no real
I've got clients who at least have some benefit from running HTTP through a proxy and stopping various MIME types. It's not perfect by any stretch of the imagination, but it stops a fair volume of malware/spyware daily.
layer 7 level proxy so you have to tackle the problem from other directions. And the off the shell proxies (smtp, dns, http, etc) don't offer much value since these applications have been tested to
With a proxy, DNS doesn't go down to the client- that's a huge win in the anti-tunnel arena. Where I have clients who do MS Exchange internally, the SMTP proxy keeps them from spewing SMTP from an infected client as well...
death or the application isn't anymore "protected". What is the point of recommending a solution that doesn't exist? I am a fan of proxies but the reality is the firewall - whether it be proxy or other - is only a small part of the equation.
A chance to arbitrate the conversation isn't necessarily a bad thing- especially if you can't control the end nodes. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." http://fora.compuwar.net Infosec discussion boards _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- How automate firewall tests Strabla Ruggero (Aug 17)
- Re: How automate firewall tests Marcus J. Ranum (Aug 17)
- Re: How automate firewall tests Durga Prasad (Aug 18)
- Re: How automate firewall tests Marcus J. Ranum (Aug 18)
- Re: How automate firewall tests Isaac Van Name (Aug 20)
- Re: How automate firewall tests Marcus J. Ranum (Aug 20)
- Re: How automate firewall tests Tim Shea (Aug 21)
- Re: How automate firewall tests Paul D. Robertson (Aug 21)
- Re: How automate firewall tests ArkanoiD (Aug 21)
- Re: How automate firewall tests Marcus J. Ranum (Aug 21)
- Re: How automate firewall tests Chris Blask (Aug 22)
- Re: How automate firewall tests Patrick M. Hausen (Aug 22)
- Re: How automate firewall tests Chris Blask (Aug 23)
- Re: How automate firewall tests Crispin Cowan (Aug 28)
- Re: How automate firewall tests Marcus J. Ranum (Aug 28)
- Re: How automate firewall tests Marcus J. Ranum (Aug 28)
- Re: How automate firewall tests Cat Okita (Aug 29)
- Re: How automate firewall tests Durga Prasad (Aug 18)
- Re: How automate firewall tests Marcus J. Ranum (Aug 17)
- Re: How automate firewall tests Marcus J. Ranum (Aug 23)