|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
GXD vs. SPF
Stout, Bill (StoutB
pios.com)
Thu, 24 Sep 1998 20:28:54 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Steve George: "Re: Content filtering"
- Previous message: Bill_Roydspch.gc.ca: "Re: Penetration testing via shrinkware"
- Next in thread: Paul D. Robertson: "Re: GXD vs. SPF"
- Reply: Paul D. Robertson: "Re: GXD vs. SPF"
- Maybe reply: Stout, Bill: "RE: GXD vs. SPF"
- Maybe reply: Ryan Russell: "Re: GXD vs. SPF"
- Maybe reply: Ryan Russell: "RE: GXD vs. SPF"
Having done my fair share of hand waving and whiteboarding about AG vs. SPF,
I'm curious about something else.
Generic Proxy security vs. SPF session security.
Given a specific traffic session, ignoring the whole packet-level attack
catagory:
If the GXD simply reassembles segments to TCP windows and passes them on to
the target, only using sequence numbers to keep track of the TCP session,
would a SPF provide better validation of a session than a generic proxy?
The security stack would be:
AG
SPF
GXD
Packet Filter
Bill Stout
- Next message: Steve George: "Re: Content filtering"
- Previous message: Bill_Roydspch.gc.ca: "Re: Penetration testing via shrinkware"
- Next in thread: Paul D. Robertson: "Re: GXD vs. SPF"
- Reply: Paul D. Robertson: "Re: GXD vs. SPF"
- Maybe reply: Stout, Bill: "RE: GXD vs. SPF"
- Maybe reply: Ryan Russell: "Re: GXD vs. SPF"
- Maybe reply: Ryan Russell: "RE: GXD vs. SPF"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:47 CDT