>The shortcoming of a packet filtering firewall is that it doesn't
>understand the protocol(s) involved in the conversation, so that if
>someone is abusing it (too many telnet logins, malformed application
>headers such as overlong SMTP commands, etc.), it can't know that, and
>it can't protect you against that kind of threat.
mmm,
with that in mind, what would i call an access-list on a router? (since
these are 'packet/or/frame-filtering policies' and can 'understand/filter
protocol/or/ToS fields' in packet/or/frame headers.)
_________________________________________________________________
Converse com amigos on-line, conheça o MSN Messenger:
http://messenger.msn.com
