Firewalls: Protocols with address within data

Firewalls
(November 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Protocols with address within data
From:	Andrew Smith <awsmith @ rip . ops . neosoft . com>
Date:	Sun, 10 Nov 1996 06:09:30 -0600 (CST)
To:	firewalls @ greatcircle . com

After getting burned by having to tell a customer that Real Audio
will NOT work behind his address-translation Firewall-1 system
based on the assurances of a checkpoint support rep, I'm wondering
if anyone has a list of programs/protocols that aren't translatable...
ie...they contain address/port information in the data part of the
packets which aren't looked at by the firewall. I now know that
Real Audio, and VDO-Live (or whatever it's called) are problems,
and I suspect that BGP4 would also have severe problems.

Also, If anyone knows of a Real Audio proxie, on any platform,
please let me know.
 
---------------------------------------------------------------------------
Andrew Smith ** awsmith @
 neosoft .
 com ** Network Engineer ** 1-888-NEOSOFT
       ** "Opportunities multiply as they are seized" - Sun Tzu **
            ** http://www.neosoft.com/neosoft/staff/andrew ** 
---------------------------------------------------------------------------

Indexed By Date	Previous:	Re: Subnetting and Cisco ACL's From: Corneliu Tanasa <cornel @ logicnet . ro>
Indexed By Date	Next:	RE: Security Risks with Real Audio? From: C Matthew Curtin <cmcurtin @ research . megasoft . com>
Indexed By Thread	Previous:	Firewall planning From: omar @ uic1 . fapenet . org
Indexed By Thread	Next:	Re: Protocols with address within data From: Ryan Russell/SYBASE <Ryan . Russell @ sybase . com>