Firewall Wizards mailing list archives
Re: Important Comments re: INtrusion Detection
From: tqbf () secnet com
Date: Thu, 19 Feb 1998 13:35:50 -0600 (CST)
Erm, why is this true? Presumably the firewall (or the final gateway in a firewall complex) has a connection to "the network" (unless it is Perfect), and hence, can sniff it.
Because the whole reason you'd deploy a proxy rather than a passive system is that "sniffing" does not allow you to reliably reconstruct sessions, while a proxy does. ----------------------------------------------------------------------------- Thomas H. Ptacek Secure Networks, Inc. ----------------------------------------------------------------------------- http://www.enteract.com/~tqbf "mmm... sacrilicious"
Current thread:
- Re: Important Comments re: INtrusion Detection, (continued)
- Re: Important Comments re: INtrusion Detection Paul McNabb (Feb 18)
- Re: Important Comments re: INtrusion Detection Paul McNabb (Feb 18)
- Re: Important Comments re: INtrusion Detection Steven M. Bellovin (Feb 18)
- Re: Important Comments re: INtrusion Detection Kurt Ziegler (Feb 18)
- Re: Important Comments re: INtrusion Detection Adam Shostack (Feb 18)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 18)
- Re: Important Comments re: INtrusion Detection Paul M. Cardon (Feb 19)
- Re: Important Comments re: INtrusion Detection Jonathan Care (Feb 19)
- Re: Important Comments re: INtrusion Detection Michael T. Stolarchuk (Feb 19)
- RE: Important Comments re: INtrusion Detection Kurt Ziegler (Feb 19)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 19)
- Re: Important Comments re: INtrusion Detection Barney Wolff (Feb 20)
- Re: Important Comments re: INtrusion Detection Aleph One (Feb 20)
- Re: Important Comments re: INtrusion Detection marc (Feb 20)
- Re: Important Comments re: INtrusion Detection Barney Wolff (Feb 20)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 20)
- Re: Important Comments re: INtrusion Detection Darren Reed (Feb 21)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 21)
- Re: Important Comments re: INtrusion Detection Darren Reed (Feb 21)
- Re: Important Comments re: INtrusion Detection Darren Reed (Feb 21)
- Re: Important Comments re: INtrusion Detection Vern Paxson (Feb 21)