List:       firewalls-gc
Subject:    RE: Re: Virus Scanner
From:       "Paul D. Robertson" <proberts () clark ! net>
Date:       1997-07-28 12:05:51

On Mon, 28 Jul 1997, Russ wrote:

> As the use of encrypted channels (mail/ssl/vpn) becomes more prevalent,
> aren't Firewall-based virus scanners becoming less effective? Assuming

Not only virus scanners, firewalls themselves will be less effective.  A 
tunnel is a tunnel, encrypted or in the clear.  

> that a Firewall-based virus scanner is going to protect you assumes it
> can see everything as it really appears, not always the case. Altavista
> Tunnel decapsulates beyond the Firewall, S/MIME and PGP don't make
> contents visible until read by the client, and SSL extends all the way
> to the client also. IPSEC-based tunnels would be similar.

Some SSL proxies can be set up to "Man-in-the-middle" SSL transactions 
(including Netscape's), allowing you to pass the traffic through 
scanners, application layer proxies, Java/ActiveX/Javascript blockers, etc.

Just like key escrow, I wouldn't want it at home, but I'd sure as heck 
demand it at work.

Paul 
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
                                                                     PSB#9280
