[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: RE: [NTSEC] ActiveX, MSIE and Quicken
From: "William M. Perry" <wmperry () aventail ! com>
Date: 1997-02-09 16:51:17
[Download RAW message or body]
>Presumably, one answer is for the firewall companies to write additional
>application layer filters for port 80, looking for ActiveX or Java
>downloads. This would make configuration of the firewall a bit more
>complex. Don't know if any of 'em are considering this yet. Anyone have
>any scoop on this?
You can do this with the aventail socks server right now, with the HTTP
filter, you can specify a second-layer of filtering based on the
content-type of the document being retrieved. For text/html, you can
specify tags and attributes that should be removed from the source. Its
trivial to have this remove scripting and object embedding stuff.
I plan on writing a plugin to filter Java/Active-X that will check
signatures, etc. Just have to find the time.
You can get more info on the http filter and/or aventail's products at
http://www.aventail.com/, or email me directly, as I wrote the filter.
-Bill P.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic