Hi,
I think what you meant is the SOCKS firewall. I've
never really understand the technology behind it
except that it's working at the transport layer. Can
somebody enlighten us with this technology in a layman
terms?
May be this email should be inside firewall mailing
list but just wondering about the technology behind
it. If you can compare this technology with network
and application layer firewall, it is better since I
understand both of them, more or less.
I know the faq site in case you want to link it:
http://www.socks.permeo.com/TechnicalResources/SOCKSFAQ/index.asp
Thanks in advance.
Regards,
Shaiful
--- "M. Dodge Mumford" <dodge@dmumford.com> wrote:
Rob Shein said:
At first, there were packet filters, which only
cared about what ports were
used and which hosts were talking; they were
ignorant with regard to
connection state, fragmentation, or any other
aspects of the communication.
And they failed to account for services like FTP,
where an outside host
needs to open a second inbound channel on an
unpredictable port to the
server. But it definitely cut back on the
exposure of a network to outside
attackers.
Actually, you missed the first step -- proxy
firewalls. They used their
host's TCP stack, could readily handle secondary
channels for services where
proxies chad been written. The boxes were expected
to be bastions -- to
actually block traffic, and to fall over if attacked
with sufficient vigor
(thus protecting the critical resources). But they
were slow compared to
the packet filters and stateful inspection
firewalls. The vendors failed to
demonstrate how they could mitigate attacks that the
market failed to
appreciate (or decided the cost outweighed the
risk). They would have been
an ideal place to perform the checks that prevention
systems are now moving
towards, but are treated as tubercular lepers.
As Ron Gula mentions, enterprise firewalls are
expected to have a certain
(large) feature set. By referring to this new breed
of stuff as being "kinda
like a firewall", vendors get to create an entire
new buzzphrase (rest in
peace, lowly buzzword), and not have to directly
compete with the big guys
who dominate that space. IPS vendors don't have to
feel bad about not being
a VPN endpoint, proxies, etc. Yet.
It seems to me the meaning of "firewall" has long
since been extended to
mean just about anything that has the ability to
block traffic.
--
Dodge, who works for a vendor in the market. Add
salt.
ATTACHMENT part 2 application/pgp-signature
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail
--------------------------------------------------------------------------
FREE Network Security Webinar - How to implement IPSec security into VPN
appliances
New threats and vulnerabilities require new high-performance IPSec VPN
solutions for network protection.
Join the security experts from SafeNet on August 26 at 1:00 PM (Eastern), and
learn how to successfully integrate IPSec security into VPN processors and
appliances to provide powerful yet cost-effective VPN solutions for your
customers.
Register now:
http://www.securityfocus.com/sponsor/SafeNet_focus-ids_040817
--------------------------------------------------------------------------
