Why is it preferable to use a proxy instead of the appropriate firewall module?
It's preferable IMHO and if the proxy is designed with security in mind. In my and some others' opinions, application layer gateways offer better protection than stateful or dumb packet filters. Ideally, you'll combine an ALG with a packet filter.

One reason that I consider ALGs more secure than stateful filters is that they're able to deal with application protocol complexities. Stateful filters typically have a much more limited context, often only the TCP segment or UDP datagram they're currently processing. As such, they can hope to correctly identify PORT and other FTP control statements, but they should also be easier to trick into wrong behaviour. There have been numerous errors in stateful engines, some of them having to do with FTP, one of which allowed an attacker to access any TCP port on (at least, I don't remember well enough) the FTP server, by fragmenting PORT commands. The fix chosen in all stateful filters I know of, which is to allow only PORT commands enclosed within a single TCP segment or IP packet (don't remember which exactly, but it's irrelevant to the point), is a kludge, IMHO.

Tobias
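To illustrate the difference Tobias describes, here is an added example (not code from the post or from any real firewall product) contrasting a naive per-segment look at the FTP control channel with an ALG-style handler that reassembles the stream, parses only complete lines, and validates each PORT argument against the session's client address before opening a data-channel pinhole. The client IP and the split segments are constructed sample input; the PORT grammar follows RFC 959.

```python
import re
from ipaddress import ip_address

# Strict grammar for an FTP PORT command (RFC 959): "PORT h1,h2,h3,h4,p1,p2".
PORT_RE = re.compile(r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$", re.I)
MAX_LINE = 512  # refuse to buffer a "line" that never terminates


def parse_port(line):
    """Parse one complete control line. Returns (host, port) or None if it is not a valid PORT."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None  # malformed: each field must fit in one byte
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def port_allowed(host, port, client_ip):
    """ALG policy: the data connection may only go back to the client, on a non-privileged port."""
    return ip_address(host) == ip_address(client_ip) and 1024 <= port <= 65535


def per_segment_port(segment, client_ip):
    """Naive stateful-filter view: inspects a single segment in isolation, as the post describes."""
    hp = parse_port(segment.decode("ascii", "replace").strip())
    return hp if hp and port_allowed(*hp, client_ip) else None


class FtpControlAlg:
    """Reassembles the client->server control stream and acts only on complete CRLF-terminated lines."""

    def __init__(self, client_ip):
        self.client_ip = client_ip  # constructed session attribute, known to the ALG from the TCP connection
        self.buf = b""
        self.pinholes = []  # (host, port) pairs the data channel may be opened for
        self.rejected = []  # PORT lines that failed validation, worth logging or alerting on

    def feed(self, segment):
        """Consume one TCP segment of the control stream; return the pinholes granted so far."""
        self.buf += segment
        while b"\r\n" in self.buf:
            raw, self.buf = self.buf.split(b"\r\n", 1)
            hp = parse_port(raw.decode("ascii", "replace"))
            if hp is not None:
                (self.pinholes if port_allowed(*hp, self.client_ip) else self.rejected).append(hp)
        if len(self.buf) > MAX_LINE:
            raise ValueError("control line too long; dropping session")
        return list(self.pinholes)
```

A PORT command that straddles two segments is invisible to the per-segment check but handled correctly by the reassembling handler, which is the application-layer context the post argues for.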