Paul D. Robertson wrote:
> Active FTP is a problem period. I've never allowed it for the generic
> user population behind any gateway I've run.
Sorry for the late follow up but I've been away from the office.
Your arrogant dictatorial stance is the reason for the increasing
momentum behind SOAP and even worse the move to use SSL for most
connections. From having some control over what is allowed through
your firewall you will have none. Security is a compromise between
giving your users behind the firewall the access they need and
stopping entry to your network from the Internet. If all firewall
administrators had your attitude then most s/w developers of Internet
applications would be tunnelling everything already. When that day
comes you and I are out of a job as firewalls will be useless.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
