nanog mailing list archives
Re: I don't need no stinking firewall!
From: Brielle Bruns <bruns () 2mbit com>
Date: Tue, 05 Jan 2010 14:05:06 -0700
On 1/5/10 2:01 PM, Peter Hicks wrote:
Tony Finch wrote:Stateful inspection is useful for breaking things in subtle and hard-to-debug ways.>http://fanf.livejournal.com/102206.html http://fanf.livejournal.com/95831.htmlIs that really stateful inspection? Isn't the SMTP fixup on a PIX an application-level gateway? I *though* most of the world turns SMTP fixup off because it's naff.
It is a ALG, and a completely braindead one at that. Nothing like trying to figure out what an error message means when its just...
XXX ******************************************************The PIX's fixup for DNS packets have been causing issues on my end too in one setup.
-- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
Current thread:
- Re: I don't need no stinking firewall!, (continued)
- Re: I don't need no stinking firewall! Dobbins, Roland (Jan 06)
- Re: I don't need no stinking firewall! Simon Lockhart (Jan 05)
- Re: I don't need no stinking firewall! Jay Hennigan (Jan 05)
- RE: I don't need no stinking firewall! Jason Shearer (Jan 05)
- Re: I don't need no stinking firewall! Jay Hennigan (Jan 05)
- Re: I don't need no stinking firewall! Henry Yen (Jan 05)
- Re: I don't need no stinking firewall! Jay Hennigan (Jan 05)
- Message not available
- Re: I don't need no stinking firewall! Jay Hennigan (Jan 07)
- Re: I don't need no stinking firewall! Henry Yen (Jan 11)
- Re: I don't need no stinking firewall! Peter Hicks (Jan 05)
- Re: I don't need no stinking firewall! Brielle Bruns (Jan 05)
- Re: I don't need no stinking firewall! Tony Finch (Jan 05)
- Re: I don't need no stinking firewall! Mark Smith (Jan 05)
- Re: I don't need no stinking firewall! William Herrin (Jan 05)
- Re: I don't need no stinking firewall! Sean Donelan (Jan 05)
- Re: I don't need no stinking firewall! William Herrin (Jan 05)