Firewalls: RE: [NTSEC] ActiveX, MSIE and Quicken

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	RE: [NTSEC] ActiveX, MSIE and Quicken
From:	"William M. Perry" <wmperry @ aventail . com>
Date:	Sun, 9 Feb 1997 16:51:17 -0800
To:	Firewalls @ GreatCircle . COM
In-reply-to:	<199702090900 . BAA08043 @ miles . greatcircle . com>
References:	<199702090900 . BAA08043 @ miles . greatcircle . com>
Reply-to:	wmperry @ aventail . com

>Presumably, one answer is for the firewall companies to write additional
>application layer filters for port 80, looking for ActiveX or Java
>downloads.  This would make configuration of the firewall a bit more
>complex.  Don't know if any of 'em are considering this yet.  Anyone have
>any scoop on this?

  You can do this with the aventail socks server right now, with the HTTP
filter, you can specify a second-layer of filtering based on the
content-type of the document being retrieved.  For text/html, you can
specify tags and attributes that should be removed from the source.  Its
trivial to have this remove scripting and object embedding stuff.

  I plan on writing a plugin to filter Java/Active-X that will check
signatures, etc.  Just have to find the time.

  You can get more info on the http filter and/or aventail's products at
http://www.aventail.com/, or email me directly, as I wrote the filter.

-Bill P.

Indexed By Date	Previous:	*Re: SLr released. rsh,rcp,rdist over SSL** From: mch @ squirrel . com (Mark Henderson)
Indexed By Date	Next:	*Re: SLr released. rsh,rcp,rdist over SSL** From: Adam Shostack <adam @ homeport . org>
Indexed By Thread	Previous:	RE: [NTSEC] ActiveX, MSIE and Quicken From: Jerry Mendes <mendes @ garnet . berkeley . edu>
Indexed By Thread	Next:	RE: [NTSEC] ActiveX, MSIE and Quicken From: "Starkweather, Mike" <mike . starkweather @ anheuser-busch . com>