This is a multi-part message in MIME format.
--------------090305010502060208090904
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

The archives of this list contain several threads that go into detail
about the pros and cons of stateful traffic inspection versus proxy or
"read-rewrite" firewalls.

Few firewalls today are exclusively one or the other today. The archives
have lots of opinions over which is better but I think that's a moot
issue at this point in firewall evolution.

Some of the things I like about SMTP proxies in particular are that they
allow you to rewrite header fields to normalize SMTP headers, i.e.,
every piece of mail can be made to look like it came from one server and
you can strip all but the mail headers you want to disclose before mail
exits, etc.

Commercial examples include Watchguard FireboxX and Secure Computing
Sidewinder. The original firewall toolkit evolved into one of my
favorite firewalls, the TIS Gauntlet. Network Associates bought TIS,
then NAI sold the Gauntlet to Secure Computing, who I believe offered
the Gauntlet on Solaris but has phased out the product. Sad, I really
loved running Gauntlet on BSD.

Matthew Hannigan wrote:
> On Wed, Nov 14, 2007 at 02:58:37PM +1100, Kelly Robinson wrote:
>> Some firewalls, after receiving a packet, generate a new packet and populate
>> it with data from the original, rather than forwarding the same packet that
>> was received. What are the advantages and disadvantages of this approach?
>> And does anyone have any examples of any firewalls that do this on the
>> market?

>
> I guess all proxying fireawalls like the original fwtk do this.
>
> Advantage:
>
> Your firewall is more trusted not to do funky stuff
> that might upset internal servers.
>
> Directly concomitant disadvantage:
>
> The packet may not be an entirely faithful
> version of the original (besides the obvious
> source addr/port)
>
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailma...rewall-wizards
>


--------------090305010502060208090904
Content-Type: text/x-vcard; charset=utf-8;
name="dave.vcf"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="dave.vcf"

begin:vcard
fnavid Piscitello
n:Piscitello;David
adr;dom:;;3 Myrtle Bank Lane;Hilton Head;SC;29926
email;internet:dave@corecom.com
x-mozilla-html:FALSE
url:http://hhi.corecom.com/weblogindex.htm
version:2.1
end:vcard


--------------090305010502060208090904
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards

--------------090305010502060208090904--