Firewall Wizards mailing list archives
Re: WheelGroup Corporation's Response to our Work
From: "George M. Jones" <gjones () CompuServe NET>
Date: Mon, 2 Mar 1998 11:21:01 -0500 (EST)
In thinking about the problems raised by SNI a bit, it seems that a natural "next step" for ID products would be to marry them (or at least their signature recognition pieces) to proxy based firewalls. That way many of the "bad" packets are just dropped. The proxy by definition operates on the entire reassembled data stream exactly as it is it is sent to the destination. There are no questions about which packets reach the destination in which order or how the it will interpret them. Comments ? What problems would still remain ? What could not be done at all ? George Jones, Internet Security Engineer, CompuServe Network Services Email: George.Jones () CompuServe NET, Voice: +1 614 723-4560 Snail Mail: 5000 Britton Rd., PO BOX 5000, Hilliard, Ohio 43026-5000 USA PGP: 1024/8C1CEFC9 Fingerprint 20 79 AE 12 D0 8C 44 8F C5 37 2B 40 EA F5 C3 35
Current thread:
- Re: WheelGroup Corporation's Response to our Work George M. Jones (Mar 02)
- Re: WheelGroup Corporation's Response to our Work tqbf (Mar 02)