Firewall Wizards mailing list archives
Re: Query: Why bother with an application proxy over stateful packet filtering?
From: Marcin Antkiewicz <firewallwizards () kajtek org>
Date: Mon, 27 Aug 2007 11:20:11 -0500 (CDT)
I am wondering why would the be a need to web up a proxy such as a web proxy (Squid) instead of just using a stateful packet filtering firewall (iptables) only in a network?
Will, Do not think that just because something is a good packet filter, it will also make a good proxy, or IDS. Just because you know how to start a fire using a screwdriver it is not a good idea to keep doing so, especially when you have matches at hand. Packet filtering and (security) proxies are different technologies - I use both of them because, when used correctly, they address different needs. For more insight please read: http://www.ranum.com/security/computer_security/editorials/deepinspect/index.html -- Marcin Antkiewicz _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Query: Why bother with an application proxy over stateful packet filtering? william fitzgerald (Aug 27)
- Re: Query: Why bother with an application proxy over stateful packet filtering? Patrick M. Hausen (Aug 27)
- Message not available
- Re: Query: Why bother with an application proxy over stateful packet filtering? william fitzgerald (Aug 27)
- Re: Query: Why bother with an application proxy over stateful packet filtering? Marcin Antkiewicz (Aug 27)