KM and MC,
Like you, I am confused with his statement using OSI architecture jargon. I
would like to know what he was referring to ...
Maybe the good doctor was saying that he depended more on the TCP/IP
protocol architecture layers than the OSI.
Otherwise, he was blowing smoke at the attendees. Maybe he should read
Appendix C: TCP/IP Fundamentals in Brent's book.
Ed
-------------------------------------------------
Ed Gelb Mailstop 7F-6
Ed Gelb <gelbe @
panasonic .
com
Panasonic Communications & Systems Company
2 Panasonic Way
Secaucus, New Jersey, 07094
Voice: (201)-348-7292
"Attacking must be a forward motion" Ed Gelb
-------------------------------------------------
----------
From: KM
To: firewalls
Subject: Re: Firewalls at lower levels?
Date: Friday, April 05, 1996 13:26EDT
In message <01I35FD8T9O2003CBE @
mc .
duke .
edu> writes:
> I was at a seminar presented by Stuart Holoman, Holocon Inc.
> yesterday, and he said firewalls are not effective/implementable
> below the session layer:
>
> layer 7 - App support
> layer 6 - Presentation
> layer 5 - Session
> layer 4 - Transport
> layer 3 - Network
> layer 2 - Data link
> layer 1 - Physical
>
> Any comments?
> I don't know if he was speaking in abstract terms (e.g., not many
> people know how to make them effective).
I find this very surprising. It would appear that Mr. Holoman is dismissing
out
of hand the efficacy of packet filters, which operate at the IP level. He
may
well feel this way, but it would have been nice of him to state *explicitly*
that he didn't think *PACKET FILTERS* were effective/implementable, rather
than
using OSI layer mumbo-jumbo to obfuscate his message. If that was, indeed,
his
message (based on what he said, who can tell?).
K.M. Goertzel, Program/Project Manager
Secure Systems and Services Operation
WANG FEDERAL, Inc.
7900 Westpark Drive - MS 700
McLean, VA 22102-4299 USA
TEL: 703-827 3914
FAX: 703-827 3161
EMAIL: goertzek @
wangfed .
com
WEB: http://www.wangfed.com
+-------------------------------------------+
| I am not young enough to know everything. |
| - J.M. Barrie |
+-------------------------------------------+
------ Message Header Follows ------
Received: from gatekeeper.panasonic.com by mecamail.panasonic.com
(PostalUnion/SMTP(tm) v2.1.8d for Windows NT(tm))
id AA-1996Apr05.131232.1486.21427; Fri, 05 Apr 1996 13:12:32 -0500
Received: from relay7.UU.NET by gatekeeper.panasonic.com (AIX 3.2/UCB
5.64/4.03)
id AA23082; Fri, 5 Apr 1996 13:14:34 -0500
Received: from miles.greatcircle.com by relay7.UU.NET with ESMTP
id QQakds22226; Fri, 5 Apr 1996 13:04:23 -0500 (EST)
Received: (majordom @
localhost) by miles.greatcircle.com
(8.7.1-lists/Lists-951222-1) id HAA24497 for firewalls-outgoing; Fri, 5 Apr
1996 07:40:41 -0800 (PST)
Received: from tuna.wang.com (tuna.wang.com [150.124.136.4]) by
miles.greatcircle.com (8.7.4/Miles-951221-1) with SMTP id HAA24489 for
<firewalls @
GreatCircle .
com>; Fri, 5 Apr 1996 07:40:36 -0800 (PST)
Received: from mail.wangfed.com (ns.wangfed.com [159.94.10.19])
by tuna.wang.com (8.6.12/8.6.12tf1) with SMTP id KAA10842
for <firewalls @
GreatCircle .
com>; Fri, 5 Apr 1996 10:38:36 -0500
Received: from hfsi.hfsi.com by mail.wangfed.com (1.37.109.4/A.09.00a)
id AA04719; Fri, 5 Apr 96 10:28:22 -0600
Received: from [159.94.14.48] by hfsi.hfsi.com (BULL 5.61++/B.O.S 02.01)
id AA16110; Fri, 5 Apr 96 10:32:33 -0500
Date: Fri, 5 Apr 96 10:32:33 -0500
Message-Id: <9604051532 .
AA16110 @
hfsi .
hfsi .
com>
From: "KM" <goertzek @
gateway .
wangfed .
com>
Reply-To: "KM" <goertzek @
wangfed .
com>
To: firewalls @
GreatCircle .
com
Subject: Re: Firewalls at lower levels?
Sender: firewalls-owner @
GreatCircle .
COM
Precedence: bulk
|
|
