On Thu, 27 May 1999, Marcus J. Ranum wrote:
> If I write another firewall product, it will only support attachment
> free Email, DNS (via a "proxy") and SSH. It'll require challenge/response
> authentication for every outgoing packet. :)
Bleeding liberal! Clients don't need DNS, the bastion can do that, and
SSH is a tunnel.
ASCII e-mail to a pre-arranged list of recipients, and from a
pre-arranged set of hosts with two factor authentication for in *and*
outbound traffic. With manual release of outbound mail out-of-band
dammit. In fact, hell with that DNS stuff, static UUCP maps only.
Now *that's* a firewall. :)
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
