Firewall Wizards mailing list archives
Re: Firewall best practices
From: ArkanoiD <ark () eltex net>
Date: Wed, 28 Apr 2010 20:34:05 +0400
fwtk's grand-child does exactly that: you inspect traffic from "low-security" sites to treat it just like generic http and leave banking/online payment connections intact. I am thinking on adding a feature to examine certificates to ensure its validity without MITMing the SSL itself. Have you seen my paper? I think i posted a link here. On Tue, Apr 27, 2010 at 03:31:47PM -0400, Marcus J. Ranum wrote:
In Marcus-land the way we'd do it is have crypto that didn't suck, and firewall rules that permitted outgoing crypto only to (say, if online banking was an authorized activity during office hours) a set of supported sites. Yeah, yeah, I know, Marcus-land isn't a real place...
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewall best practices, (continued)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 28)
- Re: Firewall best practices david (Apr 26)
- Re: Firewall best practices John Morrison (Apr 27)
- Re: Firewall best practices Harrell, Matthew (Apr 27)
- Re: Firewall best practices Marcus J. Ranum (Apr 27)
- Re: Firewall best practices Paul D. Robertson (Apr 27)
- Re: Firewall best practices ArkanoiD (Apr 30)
- Re: Firewall best practices Andre Lima (Apr 30)
- Re: Firewall best practices Dave Piscitello (Apr 28)
- Re: Firewall best practices ArkanoiD (Apr 28)
- Re: Firewall best practices Nate Itkin (Apr 27)
- Re: Firewall best practices Dave Piscitello (Apr 27)
- Re: Firewall best practices Carson Gaspar (Apr 27)
- Re: Firewall best practices Fetch, Brandon (Apr 27)
- Re: Firewall best practices lordchariot (Apr 28)
- Re: Firewall best practices Bruce B. Platt (Apr 30)
- Re: Firewall best practices Cian Brennan (Apr 28)
- Re: Firewall best practices Fetch, Brandon (Apr 28)
- Re: Firewall best practices Mathew Want (Apr 30)
- Re: Firewall best practices ArkanoiD (Apr 30)