Firewall Wizards mailing list archives
Re: Bypassing firewall
From: "Eric Hedberg" <hedberg () mr net>
Date: Mon, 31 Jan 2000 19:16:34 -0600
That would be why you should always use a split DNS -- Even the stupidest version of BIND isn't going to forward packets that aren't valid DNS queries... -Eric Hedberg ----- Original Message ----- From: "Robert Purdy" <liteyear () ihug co nz> To: <firewall-wizards () nfr net> Sent: Sunday, January 30, 2000 5:30 AM Subject: RE: Bypassing firewall
Lets say you have done everything in this document and have a very secure server and network. You have a DMZ and no one can get into your network
and
you are logging every connection made to the outside world. You make all your users go through a proxy and the only service you allow to go direct
to
the outside is DNS (port 53).
Current thread:
- Re: Bypassing firewall Eric Hedberg (Feb 01)
- <Possible follow-ups>
- RE: Bypassing firewall Eckhardt, H.J.R. - DTOMLD (Feb 01)
- RE: Bypassing firewall Marcus J. Ranum (Feb 01)
- Re: Bypassing firewall Darren Reed (Feb 02)
- Re: Bypassing firewall Marcus J. Ranum (Feb 03)
- Re: Bypassing firewall Darren Reed (Feb 03)
- Re: Bypassing firewall Marcus J. Ranum (Feb 03)
- Re: Bypassing firewall Darren Reed (Feb 02)
- Re: Bypassing firewall Kaptain (Feb 04)
- Re: Bypassing firewall Martin P. Peikert (Feb 04)