Firewalls: Re: Does anyone else see this as a problem?

Firewalls
(December 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Does anyone else see this as a problem?
From:	Bill Husler <bhusler @ community . net>
Date:	Mon, 18 Dec 1995 22:29:39 -0800
To:	"--FIREWALLS Input Feed Address" <firewalls @ GreatCircle . COM>

Is it fair to say that I aggree with both you and ANS? ANS is 
authenticating HTTP, TELNET and FTP because these are inherently 
authenticating protocols. Gopher is not. In the rulebase you set up on 
your firewall, you define two items 1 is the direction for a connection 
(in, out, both) and the other is anthentication (which is only valid for 
authenticating protocols). Actually, I believe that what is really 
happening is that you can specify authenication for any protocol that ANS 
wrote a specific Application Proxie to handle and that the wrote them for 
FTP, TELNET and HTTP. Everything else is probably a generic proxie that 
does not support authentication. Since the Client code for Gopher does 
not have a mechanizm for authenticating the user, this would present a 
particular challenge - perhaps you would in essence be running a 
"special" authenticating Gopher.
Bill

Follow-Ups:

Re: Does anyone else see this as a problem?
From: Ron DuFresne <dufresne @ winternet . com>

Indexed By Date	Previous:	Re: re Timing Attacks From: blymn @ awadi . com . au (Brett Lymn)
Indexed By Date	Next:	Is DNS push possible? From: Per . Ahren @ medcom . se
Indexed By Thread	Previous:	Does anyone else see this as a problem? From: "Stamper, Steve" <sstamper @ bw . brhn . org>
Indexed By Thread	Next:	Re: Does anyone else see this as a problem? From: Ron DuFresne <dufresne @ winternet . com>