executable content

dnewmanMcGraw-Hill.com
Tue, 23 Sep 97 19:30:20 -0500

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: GEIS: "FW MIB - was: How do you fight an attack in progress?"
• Previous message: Bennett Todd: "Re: HTTP in practice"
• Next in thread: Wyllys Ingersoll: "Re: executable content"
• Reply: Wyllys Ingersoll: "Re: executable content"

mjr wrote:

>> E) Expecting a decent portion of firewall administrators to be like those I
>> mentioned above, how restrictive are most commercial firewall products
>> out-of-the-box? (i.e., Is my feeling that 3) should be blocked by default
>> the reality?)

>I'd guess that most commercial firewalls, out of the box,
>won't block Java/ActiveX unless you tell them to. That may
>be a wrong guess, though.

At the time of the Data Comm test (January/February '97) only three out of 20
firewalls had built-in screening for Java *and* ActiveX: Global Internet (now
Cisco), Seattle Software Labs (now Watchguard), and TIS.

Eight could screen Java: Altavista (DEC), ANS, Check Point, GI, Raptor, Seattle,
Secure Sidewinder, and TIS.

Dunno if that's changed since. Check Point has a bunch more partners, including
Finjan, so they may have a plug-in for ActiveX. Seems kinda scary that at least
12 firewalls have no capability for screening executable content. . .

dn

• Next message: GEIS: "FW MIB - was: How do you fight an attack in progress?"
• Previous message: Bennett Todd: "Re: HTTP in practice"
• Next in thread: Wyllys Ingersoll: "Re: executable content"
• Reply: Wyllys Ingersoll: "Re: executable content"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:58 CDT