On Mon, Mar 24, 2008 at 12:15:55AM -0700, Bryan Irvine wrote:
> having also not read the book, my guess would be that a transparent
> proxy + firewall would increase security because people don't have the
> the option to run SSH tunnels via the HTTP port. A good example would
> be years ago I ran
having also not read the book, my guess would be that a transparent
proxy + firewall would increase security because people don't have the
the option to run SSH tunnels via the HTTP port. A good example would
be years ago I ran a sock4 proxy on port 80 on my home firewall to
allow me to download M
On 2008-03-23, Ed Flecko <[EMAIL PROTECTED]> wrote:
>
> He then shortly thereafter says, "Firewalk even works against
> traditional and stateful packet filters, which both just decrement the
> TTL by one. However, Firewalk does not work against proxy based
> firewalls, because proxies do not forwar
In one section of the book (Page 301) the author contrasts nmap to
"Firewalk". He says, "nmap cannot differentiate between what is open
on an end machine and what is being firewalled. Firewalk, on the other
hand, can determine if a given port is allowed through a
packet-filtering device.With this i
On 23 Mar 2008 at 7:58, Ed Flecko wrote:
> The book is called "Counter Hack Reloaded: A Step-by-Step Guide to
> Computer Attacks and Effective Defenses (2nd Edition)" -
> http://www.amazon.com/Counter-Hack-Reloaded-Step-Step/dp/0131481045/re
> f=pd_bb
> s_1?ie=UTF8&s=books&qid=1206284032&sr=8-1
>
The book is called "Counter Hack Reloaded: A Step-by-Step Guide to
Computer Attacks and Effective Defenses (2nd Edition)" -
http://www.amazon.com/Counter-Hack-Reloaded-Step-Step/dp/0131481045/ref=pd_bb
s_1?ie=UTF8&s=books&qid=1206284032&sr=8-1
The author makes several references to "proxy firewall
On Sat, Mar 22, 2008 at 4:07 PM, Jon <[EMAIL PROTECTED]> wrote:
> Just like pfsync makes router fail-over possible when combined with
> CARP, is there a similar mechanism that could be used between two
> OpenBSD routers to provide fail-over for squid?
You would be well served by doing some resea
Just like pfsync makes router fail-over possible when combined with
CARP, is there a similar mechanism that could be used between two
OpenBSD routers to provide fail-over for squid?
If the squid machines I have to deal with over here could be replaced
with OpenBSD boxes I could just casually r
Ed Flecko wrote:
> I have not yet fully researched the PF ... wonder if PF would
> analyze the incoming data stream first and then
> Squid, or would that be Squid first and then PF?
It seems that you would benefit from beginning that research,
sooner rather than later.
Reading any material at all
On Sat, Mar 22, 2008 at 10:50 AM, Ed Flecko <[EMAIL PROTECTED]> wrote:
> I have not yet fully researched the PF functionality of OpenBSD, so
> I'm therefore guessing that the PF feature adds "stateful packet
> inspection" to an OpenBSD box.
>
> With that assumption, I guess I'm thinking PF and Squ
I have not yet fully researched the PF functionality of OpenBSD, so
I'm therefore guessing that the PF feature adds "stateful packet
inspection" to an OpenBSD box.
With that assumption, I guess I'm thinking PF and Squid (which works
at the application layer of the OSI stack) would make a pretty
fo
On Fri, Mar 21, 2008 at 9:27 PM, Ed Flecko <[EMAIL PROTECTED]> wrote:
> Hi folks,
> I'm reading a book on network security and it mentions "proxy
> firewalls", so I'm wondering if an OpenBSD box with Squid installed
> would fit this description? Or, are there other "proxy firewalls" the
> autho
Ed Flecko wrote:
> I'm reading a book on network security and it mentions "proxy
> firewalls" ... are there other "proxy firewalls" the
> author is referring to?
Which book? Title, author, ISBN would help. Or send a link to a review.
> As a matter of curiosity, has anyone ran an nmap scan again
"Ed Flecko" <[EMAIL PROTECTED]> writes:
> Hi folks,
> I'm reading a book on network security and it mentions "proxy
> firewalls", so I'm wondering if an OpenBSD box with Squid installed
> would fit this description? Or, are there other "proxy firewalls" the
> author is referring to?
>
> The book m
Hi folks,
I'm reading a book on network security and it mentions "proxy
firewalls", so I'm wondering if an OpenBSD box with Squid installed
would fit this description? Or, are there other "proxy firewalls" the
author is referring to?
The book mentions that although "proxy firewalls" tend to slow t
15 matches
Mail list logo