Full Disclosure mailing list archives
Re: Sony: No firewall and no patches
From: phocean <0x90 () phocean net>
Date: Wed, 11 May 2011 13:05:21 +0200
Wrong. Passive FTP is the first example that comes to my mind where inspection (based on statefulness) is needed. Also, if you filter (and you should) both inbound and outbound traffic, how do you allow legitimate responses to the server? In many cases and network designs, statefulness also allows to build slightly shorter and more efficient filtering rules. This way, a step toward simplicity is often a step toward security. On Wed, 11 May 2011 09:54:59 +0000, Dobbins, Roland wrote:
On May 11, 2011, at 4:52 PM, phocean wrote:I want to read how you justify that stateful hardware is useless to check sessions of TCP and upper protocols.In front of servers, where there is no state to inspect. ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Sony: No firewall and no patches, (continued)
- Re: Sony: No firewall and no patches Ivan . (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 11)
- Re: Sony: No firewall and no patches Christian Sciberras (May 11)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Cal Leeming (May 11)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 11)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 11)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 11)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Craig Miskell (May 11)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 12)
- Re: Sony: No firewall and no patches Cal Leeming (May 11)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 12)
- Re: Sony: No firewall and no patches Peter Osterberg (May 11)
- Re: Sony: No firewall and no patches Pavel Kankovsky (May 15)
- Re: Sony: No firewall and no patches Bruno Cesar Moreira de Souza (May 12)