[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: RE: Re: Virus Scanner
From: Paul Ferguson <pferguso () cisco ! com>
Date: 1997-07-28 11:39:37
[Download RAW message or body]
Good point. :-)
And not to mention traditional IP GRE and IP-in-IP tunnels (DVMRP).
- paul
At 11:04 AM 07/28/97 -0400, Russ wrote:
>As the use of encrypted channels (mail/ssl/vpn) become more prevalent,
>aren't Firewall-based virus scanners becoming less effective? Assuming
>that a Firewall-based virus scanner is going to protect you assumes it
>can see everything as it really appears, not always the case. Altavista
>Tunnel decapsulates beyond the Firewall, S/MIME and PGP don't make
>contents visible until read by the client, and SSL extends all the way
>to the client also. IPSEC-based tunnels would be similar.
>
>Cheers,
>Russ
>R.C. Consulting, Inc. - NT/Internet Security
>owner of the NTBugTraq mailing list:
>http://ntbugtraq.rc.on.ca/index.html
>
--
Paul Ferguson || ||
Consulting Engineering || ||
Herndon, Virginia USA |||| ||||
tel: +1.703.397.5938 ..:||||||:..:||||||:..
e-mail: pferguso@cisco.com c i s c o S y s t e m s
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic