"Roy G. Culley" <[EMAIL PROTECTED]> writes: >What about normal ftp (not PASV), IIOP, net-meeting, sun-rpc, etc? >Keeping state is necessary if you are to have any chance of allowing >these without opening up huge holes in your firewall. If you're allowing those, you've opened up huge holes in your firewall by virtue of the fact that you're allowing them. Stateful inspection versus non-stateful inspection is a non-issue if the protocols you're letting back and forth are more toxic than a fist full of Ebola. mjr. --- Marcus J. Ranum, Chief Technology Officer, NFR Security, Inc. Work: http://www.nfr.com Play: http://www.ranum.com - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
- Re: Simple Pimple firewalls (t... Michelle Marcicki
- Re: Simple Pimple firewalls Paul D. Robertson
- IPChains vs. commercial FW Basti Bommel
- Re: Simple Pimple firewalls Gary Flynn
- Re: Simple Pimple firewalls Paul D. Robertson
- Re: Simple Pimple firewalls mouss
- Re: Simple Pimple firewalls Paul D. Robertson
- RE: Simple Pimple firewalls Larry Paul
- RE: Simple Pimple firewalls Ben Nagy
- RE: Simple Pimple firewalls Paul D. Robertson
- RE: Simple Pimple firewalls Marcus J. Ranum
- RE: Simple Pimple firewalls Ben Nagy
- RE: Simple Pimple firewalls Paul D. Robertson
- RE: Simple Pimple firewalls Reckhard, Tobias
- RE: Simple Pimple firewalls Ben Nagy
- RE: Simple Pimple firewalls Ben Nagy
- RE: Simple Pimple firewalls Reckhard, Tobias
- Re: Simple Pimple firewalls Paul Cardon
- RE: Simple Pimple firewalls Reckhard, Tobias
- Re: Simple Pimple firewalls Gary Flynn
- RE: Simple Pimple firewalls mouss
