On Thu, 21 Dec 1995, Brain21 wrote:
> What if you get a filter wrong? What about IP in IP attacks? If
> something is encapsulated and gets through the firewall by means of a
> "legal" connection according to the firewall, then the header is stripped
> and sent off from INSIDE. If there is a way to protect against that
> BEFORE it gets inside I would like to know. AFAIK, packet filters and
> proxies filter on the packet headers, and NOT on the data contained w/i.
OOOPS! I did not mean to say exactly that about proxies! I'm sure that
I'll get plenty of email about this one! (I have not checked yet).