Firewalls: Re: Dcom Rollout (fwd)

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Dcom Rollout (fwd)
From:	peter @ baileynm . com (Peter da Silva)
Date:	Thu, 29 Aug 1996 11:37:52 -0500 (CDT)
To:	proberts @ clark . net (Paul D. Robertson)
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<Pine . GSO . 3 . 95 . 960829105713 . 24596D-100000 @ explorer2> from "Paul D. Robertson" at Aug 29, 96 11:00:15 am

> Is it just me, or does everyone else see a problem with every vendor in
> the world encapsulating over HTTP so the users can get right through the
> firewall?

It's not just you.

> IMNSHO we need a way to identify and block non-content HTTP.

Stealthed IP-over-HTTP would be a piece of cake. Just package the packets
in POST/RESPONSE pairs, and poll.

I don't think there's anything we can do against hostile software vendors
(people coming up with COOL APPS that grovel through your Netscape.INI
files to find your proxies without saying anything about it). We need to
come up with a tagging plan for cooperative vendors to go along with.

What mime type do Microsoft's product use?

Indexed By Date	Previous:	Re: Firewalls-Digest V5 #484 From: peter @ baileynm . com (Peter da Silva)
Indexed By Date	Next:	Re: Blocking non-http (executable) content From: peter @ baileynm . com (Peter da Silva)
Indexed By Thread	Previous:	Re: Firewalls-Digest V5 #484 From: peter @ baileynm . com (Peter da Silva)
Indexed By Thread	Next:	Re: Re: Firewalls-Digest #484 From: Help_desk @ tribune . com