[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: Proposed Firewall Configuration
From: smb () research ! att ! com
Date: 1994-08-31 19:22:21
[Download RAW message or body]
We thought that connecting each bastion host to the perimeter
network via a bridge would limit the traffic that could be
sniffed to just the traffic exchanged by the bastion host.
For example, if an intruder captured the anonymous ftp bastion
host and installed a sniffer, the intruder would not be able
to capture any SMTP traffic (which is handled by a different
bastion host). We believe the bridges to be sufficient for
this purpose and do not understand how adding an additional
router on the perimeter network would achieve the same
affect.
Such bridges are a good idea. Another possibility is to use a ``smart''
10BaseT hub.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic