At 09:06 PM 11/26/95 -0500, you wrote:
>Hey All,
> One big disadvantage of firewalls in an ever increasing network
>application world is that there is no easy way to write new proxies for
>firewalls.
> Many new applications won't be able to achieve wide spead use in the
>corporate world without appropriate "self-defense" security measures, even
>with, IMHO, the widespead use of IPv6.
> What is needed is a Proxy Application Programming Interface (PAPI) that
>will allow third party vendors to write application level proxies for their
>new applications for any firewall. PAPI must be as independant as possible
>from the underlying Firewall SW, OS and hardware platforms in order to gain
>ubiquitous acceptance.
> With the constant growth of the computing world and networking in general, I
>believe that the concept of PAPI is going to happen evntually.
>
> I am currently considering persuing this concept as part of my Masters
>project. I have a few questions for the list.
>
> 1) Has (or is) anyone else working on such a thing?
> 2) What new security concerns would the use of such an API create?
> 3) What do think? Complete honest (or rambling) opinions welcome.
>
>----- Ed Maillet
>maillet @
usmcs .
maine .
edu
>
Have you considered a SOCKS based firewall as a solution to the problem of
writing new proxies?
Regards,
Ken
|
|
