What should/does a proxy do?

Hal (halmrj.com)
Wed, 22 Oct 1997 10:23:31 -0400

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Bennett Todd: "Re: Security Policy"
• Previous message: Adam Shostack: "Re: Security Policy"

I expect this is an old argument. What should a proxy do? I would
distinguish between normal proxing functions, for example, what the
FWTK plug-proxy will do and *guard* functions that detect, flag or prevent
well known protocol (or data) driven attacks. Normal proxing functions
I would argue are easily documented because they are the external
behavior of the proxy. Guard functions are not easily knowable because
they are almost always internal to the proxy. For example, limiting the
range of commands and some of their arguments in SMTP, checking for, flaging or blocking known vulnerabilities in HTML or even with specific
industry wide browsers. If you check the FWTK html proxy you find
several such specialized checks.

Proxy guard functions are obviously focused on the protocol being proxed but
should there not be a minimum, a standard set or a measure to let us, the
general security community know what each firewall can or cannot provide
in the way of proxy defenses?

--------------------------------
"All models are wrong
some are useful" H L Feinstein
------------------------------- Security Adminstrator
                                        MRJ Technology Systems.

• Next message: Bennett Todd: "Re: Security Policy"
• Previous message: Adam Shostack: "Re: Security Policy"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:10 CDT