Michael,
I think that the problem here is the difference between knowing what a
product was designed to do and what everyone thinks it does. Firewalls
are GENERALLY not designed to filter e-mail. They are a combination of
hardware and software that provide access control to networks and their
associated resources. Content control is not usually provided by the
firewall itself, but by a 3rd party providing information about another
site or url.
I fail to understand why anyone expects that a 'generic' firewall would
keep out rouge e-mails. E-mail security is based not on controlling the
content of the e-mail, but restricting access to the transport agent, so
that the transport agent cannot be compromised. True filtering of e-mail
would require and AI program to understand the e-mail and it's content
in order to determine what action should be taken.
Testing a product to see if it performs as designed is very important. I
have not yet seen a design for a firewall that include e-mail content
filtering, therefore, failure to perform e-mail filtering does not
invalidate the whole design.
Grover
----------
From: Michael Sorbera
To: Jamie Lawrence; mjmccann @
connect .
ie
Cc: firewalls @
GreatCircle .
COM; jal @
thirdwave .
com
Subject: Re: Firewalls don't work
Date: Friday, August 08, 1997 10:51AM
Jamie Lawrence wrote:
> That's akin to wondering if washing machines work, sending a
> pair of shoes to a washing machine convention, and then concluding
> that washing machines don't work because you didn't get your shoes
> back.
>
> You clearly don't know what a firewall is for.
>
> -j
>
> >Wondering if Firewalls actually work, I decided to send an
> unsolicited
> >E-mail to the Firewalls Mailing list with the words "Multi Level" in
> >the text to clearly indicate a bulk mailing for an unsolicited
> product.
> >
> >4 perons replied objecting (one even writing to my postmaster).
> >19 persons requested details of the product!
> >
> >Back to the drawing boards and a new type of filters, boys and girls.
>
> >Kind regards
> >Michael
> >
> >
> >======================================
> >
> >One single piece of good news brightens the darkest day.
> > Proverb
> >======================================
> >
>
> --
> "I am about to, or going to, die. Either expression is used."
> --Last words of Mme. Brouhors, Grammarian, August, 1752.
> __________________________________________________________________
> jamie @
42is .
com Special Agent jal @
acm .
org
Jamie,
Not to start a bantering back and forth type flaming situation,
but...
If someone tests the validity of a product by an actual test of it's
ability to perform a function that it was designed for, and it fails
miserably, what's wrong with that? I don't understand how that follows
with the logic behind your statement?
Thanks,
Michael Sorbera
msorber @
ibm .
net
Remember,
"In the land of the clueless, he who has half a clue is KING!"
|
|
