Dailydave mailing list archives
Re: This just in: Firewalls are obsolete
From: <rdump () river com>
Date: Tue, 12 Jul 2005 11:20:18 -0600
At 00:59 +0200 on 2005-07-12, Florian Weimer wrote:
For complex protocols, you need one implementation which gets it right, not two or more which come close, but not close enough.
Better, you need one proxy implementation (which gets it right) of the protocol subset which you wish to allow through your perimeter. This just moves the complexity into HTTP sanitization, however. Is that still a net win, given the new location (proxy) for implementation bugs? Perhaps the single point of control, and reduction in protocol complexity, still helps if you have clients that are, for all practical purposes, unrepairable. Richard _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: This just in: Firewalls are obsolete, (continued)
- Re: This just in: Firewalls are obsolete Gadi Evron (Jul 11)
- Re: This just in: Firewalls are obsolete Florian Weimer (Jul 11)
- Re: This just in: Firewalls are obsolete Gadi Evron (Jul 11)
- Re: This just in: Firewalls are obsolete Gadi Evron (Jul 11)
- Re: This just in: Firewalls are obsolete Blue Boar (Jul 11)
- Re: This just in: Firewalls are obsolete Florian Weimer (Jul 11)
- Re: This just in: Firewalls are obsolete Gadi Evron (Jul 11)
- Re: This just in: Firewalls are obsolete Florian Weimer (Jul 11)
- Re: This just in: Firewalls are obsolete Blue Boar (Jul 11)
- Re: This just in: Firewalls are obsolete Blue Boar (Jul 11)
- Re: This just in: Firewalls are obsolete I)ruid (Jul 12)
- Re: This just in: Firewalls are obsolete Florian Weimer (Jul 11)
- Re: This just in: Firewalls are obsolete Gadi Evron (Jul 11)
- Re: This just in: Firewalls are obsolete Florian Weimer (Jul 11)
- Re: This just in: Firewalls are obsolete byte_jump (Jul 12)
- Re: This just in: Firewalls are obsolete dan (Jul 12)
- Re: Re: This just in: Firewalls are obsolete Gadi Evron (Jul 13)