Okay, so sue me, I did respond :P
"Paul D. Robertson" wrote:
>
> Just because new protocols exist *doesn't* mean you have to let them
> through the firewall.
Definately not...
Except for HTTP of course. If I knew five years ago what monster HTTP would
evolve into I think I'd have made it company policy to never _ever_ let
it pass through the firewall in any direction. :)
> <snip>
> The server side is the *easy* part. It's the client side where the legacy
> of sloppyness will bite a *lot* of people.
Undoubtedly. (Which by the way is why the fix for all the current FTP problems,
IMHO, is to enforce passive mode FTP which exposes the servers but saves the
clients.) An unmanagable amount of workstations all in the hands of ... *shudder*
lusers, who all want to install the latest cool stuff from the hands of our
willing glitzy multimedia paperclip-assistant-providing run-everything-over-HTTP
vendors. It's a nightmare :P
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50
Mobile: +46 (0)70 66 77 636
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
