> Roy G. Culley wrote:
>
> > Paul D. Robertson wrote:
> >
> >> Active FTP is a problem period. I've never allowed it for the generic
> >> user population behind any gateway I've run.
> >
> > Sorry for the late follow up but I've been away from the office.
> >
> > Your arrogant dictatorial stance is the reason for the increasing
> > momentum behind SOAP and even worse the move to use SSL for most
> > connections.
>
> (More ranting deleted)
>
> Oh, is that what you think? Everything SHOULD be encrypted, there's no
> excuse (in this day and age) for the existence of non-encrypted traffic
> of any sort, even if you're only employing weak encryption.
>
> Your arrogant dictatorial stance only shows that you are a tool of the
> governments of the world which would have us believe that encryption is
> not necessary. Those of us who are tired of wondering if someone will
> sniff a password and gain access to something we considered to be
> harmless and exploit some vulnerability would prefer if all traffic were
> encrypted.
>
> Ordinarily I wouldn't attack so strongly, or so tritely, but like likes
> like, as they say.
>
> If you would like to have the last word, rest assured that I will not
> continue this thread on the list.
Another simpleton joins the discussion. I have nothing against encryption
what so ever. I use PGP whenever I want to transfer sensitive data. What
we we talking about is protecting a companies data from outside and inside
attack (remember over 80% of security incidents are from the inside). The
original discussion was about firewalls keeping state about connections. I
tried to explain why stateful firewalls are useful. Mr. Robertson thinks
differently on this matter. I think he is wrong. For sure when everyone
uses encryption the job of a firewall administrator is over. He admits this.
I'm just saying that his dictatorial attitude is hastening this day.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
