Firewall Wizards mailing list archives
Re: Proxies, opensource and the general market: what's wrong with us?
From: ArkanoiD <ark () eltex net>
Date: Mon, 2 May 2011 19:57:33 +0400
Packet filters and packet filtering threat control is reactive by design. (Well, maybe not "by design" as a principle of the technology, but "by design" of the current implementation, being basically a way to apply regexp to a tcp/ip packet or tcp flow - and the second technique is called "advanced"). The efficiency of threat control depends on the nature of the threat. Protocol-driven attacks are not that widespread now, but they still do exist. I checked CVEs for, say, pop3 vulnerabilities of the last 5 years and found out that about 90% are protocol abuses that are prevented by a proper proxy on a zero-knowledge basis. For http the situation is strictly opposite, to be honest. But for http there are other things a proxy can do.

On Sat, Apr 30, 2011 at 04:10:44PM -0400, Dave Piscitello wrote:
I wonder if this "all a firewall should be is a packet filter" is truly the case. Is the buyer focus on proxy or packet filtering these days, or on "blocking X" where X is "a threat"? Most of the commercial marketing blather focuses on controlling threats, users, and application specific attacks. The only mention of packet filtering is often in the context of "packet filtering is no longer effective". Granted, this is smoke and mirrors, but search NGFW or WAF and tell me what you find. I'm not advocating that this is a good thing, BTW.
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
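
An added example, not part of the original message or of any product discussed in the thread: a sketch of the protocol enforcement a POP3 proxy can apply with no knowledge of specific attacks, by accepting only client lines that fit the RFC 1939 command grammar for the current session state. The names check_command, COMMANDS and SAMPLES, the 10-digit cap on numbers and the sample lines are assumptions made for illustration; the caller is assumed to track session state from the server's replies.

```python
import re

AUTH, TRANS = "AUTHORIZATION", "TRANSACTION"    # RFC 1939 session states
MAX_LINE = 255                                  # RFC 2449: command line incl. CRLF
ARG = re.compile(r"[\x21-\x7e]{1,40}\Z")        # RFC 1939: printable ASCII, <= 40 chars
PASSWORD = re.compile(r"[\x20-\x7e]{1,40}\Z")   # PASS argument may contain spaces
NUM = re.compile(r"[0-9]{1,10}\Z")              # message number; digit cap is an assumption

COMMANDS = {  # keyword -> (state it is valid in, min args, max args, per-argument pattern)
    "USER": (AUTH, 1, 1, ARG), "APOP": (AUTH, 2, 2, ARG), "PASS": (AUTH, 1, 1, PASSWORD),
    "STAT": (TRANS, 0, 0, None), "NOOP": (TRANS, 0, 0, None), "RSET": (TRANS, 0, 0, None),
    "LIST": (TRANS, 0, 1, NUM), "UIDL": (TRANS, 0, 1, NUM),
    "RETR": (TRANS, 1, 1, NUM), "DELE": (TRANS, 1, 1, NUM), "TOP": (TRANS, 2, 2, NUM),
    "QUIT": (None, 0, 0, None),                 # valid in either state
}

def check_command(raw: bytes, state: str):
    """Return (allowed, reason) for one client line seen in the given session state."""
    if len(raw) > MAX_LINE:
        return False, "line too long"
    if not raw.endswith(b"\r\n"):
        return False, "missing CRLF"
    body = raw[:-2]
    if any(b < 0x20 or b > 0x7E for b in body):
        return False, "non-printable byte"
    parts = body.decode("ascii").split(" ")     # RFC 1939: single-space separators
    keyword, args = parts[0].upper(), parts[1:]
    if keyword not in COMMANDS:
        return False, "unknown command"
    need_state, lo, hi, pattern = COMMANDS[keyword]
    if need_state not in (None, state):
        return False, "wrong state"
    if keyword == "PASS" and args:              # rest of the line is one argument
        args = [" ".join(args)]
    if not lo <= len(args) <= hi:
        return False, "bad argument count"
    if any(not pattern.match(a) for a in args):
        return False, "bad argument"
    return True, "ok"

# Constructed sample lines (not from the thread), each with the state it arrives in.
SAMPLES = [
    (b"USER alice\r\n", AUTH),                  # well-formed
    (b"USER " + b"A" * 600 + b"\r\n", AUTH),    # oversized argument
    (b"RETR 1\r\n", AUTH),                      # transaction command before login
    (b"RETR 1;x\r\n", TRANS),                   # non-numeric message number
]

def verdicts():
    return [check_command(raw, state)[1] for raw, state in SAMPLES]
```

None of the rejections depends on a signature for a particular vulnerability; each follows from the protocol definition alone.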