Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] proxy for firewall
  • From: Steffen Dettmer <steffen@xxxxxxx>
  • Date: Wed, 29 Mar 2000 18:30:32 +0200
  • Message-id: <20000329183032.H1253@xxxxxxxxx>
* Rupert Koenig wrote on Wed, Mar 29, 2000 at 16:50 +0200:
>
> thought, it would be nice for a firewall if the proxy:
> - only has a connection to server OR client

How would this work with i.e. HTTP? The proxy had to close the
client connection before connecting the server, then client would
get no data - what did I miss?

> - does checks for mallicious java(-script)

It would be another possiblity to use a (internal) cacheing proxy
with such filter options (and virus checking!), so the proxy on
the firewall could kept simpler - and because of that the risk of
bug would be smaller.

> what helps the best firewall if someone could get acces
> to local filesystems via java...afik nearly all versions of
> netscape and MSIE are affected by java-problems.

Well, to go sure you had to filter a lot, activeX and other
executables, encrypted messages (which could contain a virus,
trojan or backdoor which cannot even be checked by a virus
scanner)...

oki,

Steffen

--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

< Previous Next >