Firewalls: Re: Firewall-1, any hints or gotcha's in it's installation??

Firewalls
(December 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Firewall-1, any hints or gotcha's in it's installation??
From:	Brain21 <brain21 @ montag33 . residence . gatech . edu>
Date:	Tue, 26 Dec 1995 16:25:02 -0500 (EST)
To:	Craig Anderson <craiga @ Ipsilon . COM>, Firewalls @ GreatCircle . COM
In-reply-to:	<Pine . LNX . 3 . 91 . 951221172204 . 23947B-100000 @ montag33 . residence . gatech . edu>

On Thu, 21 Dec 1995, Brain21 wrote:

> What if you get a filter wrong?  What about IP in IP attacks?  If 
> something is encapsulated and gets through the firewall by means of a 
> "legal" connection according to the firewall, then the header is stripped 
> and sent off from INSIDE.  If there is a way to protect against that 
> BEFORE it gets inside I would like to know.  AFAIK, packet filters and 
> proxies filter on the packet headers, and NOT on the data contained w/i.
> 
OOOPS! I did not mean to say exactly that about proxies!  I'm sure that 
I'll get plenty of email about this one! (I have not checked yet).

Brain21

References:

Re: Firewall-1, any hints or gotcha's in it's installation??
From: Brain21 <brain21 @ montag33 . residence . gatech . edu>

Indexed By Date	Previous:	Re: Sendmail security From: "Henry W. Farkas" <hfarkas @ carfax . ims . advantis . com>
Indexed By Date	Next:	Re: Firewalls-Digest V4 #716 -Reply From: Brain21 <brain21 @ montag33 . residence . gatech . edu>
Indexed By Thread	Previous:	Re: Firewall-1, any hints or gotcha's in it's installation?? From: Brain21 <brain21 @ montag33 . residence . gatech . edu>
Indexed By Thread	Next:	Re: Firewall-1, any hints or gotcha's in it's installation?? From: Carl Jolley <cjolley @ iac . net>