I don't need no stinking firewall!

• Previous message (by thread): I don't need no stinking firewall!
• Next message (by thread): I don't need no stinking firewall!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/5/10 2:01 PM, Peter Hicks wrote:
> Tony Finch wrote:
>
>> Stateful inspection is useful for breaking things in subtle and
>> hard-to-debug ways.
>  >
>> http://fanf.livejournal.com/102206.html
>> http://fanf.livejournal.com/95831.html
>
> Is that really stateful inspection? Isn't the SMTP fixup on a PIX an
> application-level gateway?
>
> I *though* most of the world turns SMTP fixup off because it's naff.
>



It is a ALG, and a completely braindead one at that.  Nothing like 
trying to figure out what an error message means when its just...

XXX   ******************************************************

The PIX's fixup for DNS packets have been causing issues on my end too 
in one setup.


-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org

• Previous message (by thread): I don't need no stinking firewall!
• Next message (by thread): I don't need no stinking firewall!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]