In some mail from Robert E. Bowes, sie said:
> One of the major advantages of proxy servers is strong user
> authentication at the firewall, before gaining access to internal
> hosts. Can a packet filter do this? I don't think so.
Correct me if I'm wrong, but it seems that those who see major deficencies
are more interested in what happens to data going _in_ than data going out.
And this is where I think the mix is important:
It is more desirable to have _everything_ proxied going in whereas for
people making connections to external services, the proxy is more of an
inconvienience and neither is the threat as great (from the outside