Firewall Wizards mailing list archives
RE: on-the-fly-analysis vs. proxy rewrites
From: "Behm, Jeffrey L." <BehmJL () bvsg com>
Date: Wed, 8 Feb 2006 17:38:35 -0600
On Wednesday, February 08, 2006 1:27 AM, Darren Reed so wrote:
On Tuesday, February 07, 2006 12:50 PM, Dave Piscitello so spake:An interesting exercise for this list - possibly a new thread? - is "what security policies are best enforced by implementing
"on-the-fly
analysis" versus "what security policies are best enforced by proxy rewrites".How is one different to the other ? How is a proxy not doing something "on the fly" ?
My sometimes jaded view is that the proxy rewrites the traffic to conform to whatever the proxy writer wrote. Hopefully, that matches up with some standard protocol to _provide_ the security. I.E. You get the security from the proxy writer having rewritten your traffic. It's doing *something,* true, but it's not "checking" anything. It's just not re-writing any *bad* stuff. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- on-the-fly-analysis vs. proxy rewrites Behm, Jeffrey L. (Feb 07)
- Re: on-the-fly-analysis vs. proxy rewrites Gabriele Buratti (Feb 08)
- Re: on-the-fly-analysis vs. proxy rewrites Darren Reed (Feb 08)
- <Possible follow-ups>
- RE: on-the-fly-analysis vs. proxy rewrites Behm, Jeffrey L. (Feb 08)
- Message not available
- RE: on-the-fly-analysis vs. proxy rewrites Marcus J. Ranum (Feb 08)
- Message not available
- Re: on-the-fly-analysis vs. proxy rewrites Darren Reed (Feb 19)
- RE: on-the-fly-analysis vs. proxy rewrites Hawkins, Michael (Feb 09)
- Re: on-the-fly-analysis vs. proxy rewrites Dave Piscitello (Feb 09)
- Message not available
- RE: on-the-fly-analysis vs. proxy rewrites Marcus J. Ranum (Feb 09)
- Re: on-the-fly-analysis vs. proxy rewrites ArkanoiD (Feb 19)