Firewall Wizards mailing list archives
Re: Firewall best practices
From: Martin Barry <marty () supine com>
Date: Fri, 23 Apr 2010 10:46:03 +0200
$quoted_author = "Marcus J. Ranum" ;
That's why firewalls need to go back to doing what they originally did, and parsing/analyzying the traffic that flows through them, rather than "stateful packet inspection" (which, as far as I can tell, means that there's a state-table entry saying "I saw SYN!")
Marcus, are you referring to DPI or proxies or both or something else entirely?
If the firewall doesn't understand the data it's passing, it's not a firewall, it's a hub.
If an application emulates HTTPS traffic and is proxy aware, how do you tell the difference? cheers Marty _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewall best practices, (continued)
- Re: Firewall best practices Darden, Patrick S. (Apr 15)
- Re: Firewall best practices Paul D. Robertson (Apr 15)
- Re: Firewall best practices Darden, Patrick S. (Apr 15)
- Re: Firewall best practices John Morrison (Apr 15)
- Re: Firewall best practices Darden, Patrick S. (Apr 15)
- Re: Firewall best practices Marcus J. Ranum (Apr 15)
- Re: Firewall best practices Morty (Apr 16)
- Re: Firewall best practices Darden, Patrick S. (Apr 22)
- Re: Firewall best practices Martin Barry (Apr 22)
- Re: Firewall best practices Marcus J. Ranum (Apr 22)
- Re: Firewall best practices Martin Barry (Apr 23)
- Re: Firewall best practices Marcus J. Ranum (Apr 26)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 28)
- Re: Firewall best practices david (Apr 26)
- Re: Firewall best practices John Morrison (Apr 27)
- Re: Firewall best practices Harrell, Matthew (Apr 27)
- Re: Firewall best practices Marcus J. Ranum (Apr 27)
- Re: Firewall best practices Paul D. Robertson (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 30)
- Re: Firewall best practices Andre Lima (Apr 30)