Great Circle Associates Firewalls
(March 1995) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: FW-1, etc.
From: mulligan @ incog . com
Date: Thu, 02 Mar 95 10:07:58 MST
To: Ed Strong <ems @ ccrl . nj . nec . com>
Cc: David Miller <isdmill @ gatekeeper . ddp . state . me . us>, "Samuel D. Jones" <sjones @ Aptech . com>, Firewalls @ GreatCircle . COM
In-reply-to: Your message of "Thu, 02 Mar 95 10:58:16 EST." <Pine . SUN . 3 . 91 . 950302103749 . 27986D-100000 @ deimos>
Reply-to: mulligan @ incog . com 
> Of course the trusted users inside can tunnel out through FW-1 if they want 
> to. But trusted users who want to leak information will not be stopped
> by an application level firewall either, unless you body search everyone for
> bootleg media and also cut off all modem access. (Pretty draconian.)

Can't you also tunnel out over a telnet proxy?  Heck, Marcus wants to
layer NFS on mail!

	geoff
References:
Indexed By Date Previous: Re: FW-1, etc.
From: Bryan McDonald <bigmac @ erg . sri . com>
Next: RE: FW-1, etc.
From: Carl Jolley <cjolley @ iac . net>
Indexed By Thread Previous: Re: FW-1, etc.
From: Ed Strong <ems @ ccrl . nj . nec . com>
Next: Re: FW-1, etc.
From: "Bryan D. Boyle" <bdboyle @ maverick . erenj . com>
Google
 
Search Internet Search www.greatcircle.com