Great Circle Associates Firewalls
(February 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Product selection
From: peter @ nmti . com (Peter da Silva)
Date: Fri, 9 Feb 1996 13:36:44 -0600 (CST)
To: jon @ london . hcsc . com (Jon Shallow)
Cc: peter @ nmti . com, jon @ london . hcsc . com, firewalls @ GreatCircle . COM
In-reply-to: <9602091727 . AA12653 @ london . csd . harris . com> from "Jon Shallow" at Feb 9, 96 05:27:39 pm 
> Depends on how the firewall is set up.  A firewall worth its salt these
> days will have both dynamic (state driven ) packet filtering and proxies.
> The proxy could try to establish another TCP connection, but this
> connection would have to be permitted by the packet filtering.

And what about a proxy that's *expected* to open TCP connections, for
example an SMTP proxy?

No, he couldn't attach to port 23, but odds are there's opportunities
on port 25 somewhere.
Follow-Ups:
References:
Indexed By Date Previous: Re: JAVA security problem ?
From: Jeff Murphy <jcmurphy @ smurfland . cit . buffalo . edu>
Next: Ultimately secure firewall --
From: "Marcus J. Ranum" <mjr @ clark . net>
Indexed By Thread Previous: Re: Product selection
From: jon @ london . hcsc . com (Jon Shallow)
Next: Re: Product selection
From: jon @ london . hcsc . com (Jon Shallow)
Google
 
Search Internet Search www.greatcircle.com