Firewalls: Re: firewall weaknesses

Firewalls
(April 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: firewall weaknesses
From:	mcr @ milkyway . com (Michael Richardson)
Organization:	Milkyway Networks Corporation
Date:	5 Apr 1995 16:19:31 -0400
To:	firewalls @ greatcircle . com
Distribution:	milkyway
Newsgroups:	milkyway.mail.firewalls
References:	<9504041213 . AA08391 @ all . net>

In article <9504041213 .
 AA08391 @
 all .
 net>,
Dr. Frederick B. Cohen <fc @
 all .
 NET> wrote:
>Does anyone have a firewall that will protect users from poorly
>configured http deamons without preventing authorized use? For example,

  You mean, a poorly configured http daemon on the private network?

  Put it on the DMZ, or on a service network. (A third network that is
behind the firewall, but still can't access the private network. It
might be behind a filtering router, but in front of the firewall, or
it might be on a third interface of a firewall)

  Why not just secure the httpd daemon itself. Wouldn't that be the
best solution? The firewall administrator had better know about any
services being provided on internal machines.

-- 
   :!mcr!:            |     <A HREF="http://www.milkyway.com/";>Milkyway Networks Corporation</A>
   Michael Richardson |   Makers of the Black Hole firewall 
 NCF: aa714 || xx714  | +1 613 566-4574 ... mcr @
 milkyway .
 com
 Home: <A HREF="http://www.sandelman.ocunix.on.ca/People/Michael_Richardson/Bio.html";>mcr @
 sandelman .
 ocunix .
 on .
 ca</A>. PGP key available.

References:

firewall weaknesses
From: fc @ all . net (Dr. Frederick B. Cohen)

Indexed By Date	Previous:	Registered IP vs unregistered From: Brad McCarty <mccarbc @ netcom . com>
Indexed By Date	Next:	Re: Alarms and paging From: mcr @ milkyway . com (Michael Richardson)
Indexed By Thread	Previous:	Re: TIS and Firewall one #'s From: liperta @ obelix . htl-tex . ac . at
Indexed By Thread	Next:	Re: Alarms and paging From: rodion @ beaker . med . yale . edu (R. Rodion Rathbone)