[Snort-users] Re: fragroute vs. snort: the tempest in a teacup

Jason Haar Jason.Haar at ...294...
Thu Apr 18 19:56:04 EDT 2002


On Thu, Apr 18, 2002 at 03:33:53PM -0400, Francis Cianfrocca wrote:
> Sorry for changing the subject, but what is the general state of the art 
> on application-level firewalls? Are any of them ready for prime time?

WHAT!?!?!

Sorry, that caught my eye. Application firewalls are OLDER than the
so-called "new-improved" NAT-style jobbies. As Doug says, they are
inherently resistent to many things that are problematic on NAT firewalls -
but are now falling out of vogue because NAT firewalls are "easier". I
should know - I was an application-firewall envangelist until I was hammered
down by "progress" :-/

BTW: Application firewalls typically means "proxy servers" :-)

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417




More information about the Snort-users mailing list