|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: feature req: more info on TCP session for content filter and/or policy delegation server
From: Wietse Venema (wietse
porcupine.org)
Date: Sun Jan 02 2005 - 18:54:06 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mark Martinec:
> > Neither source port nor destination port are relevant for
> > client fingerprinting.
>
> The source port number (i.e. the whole TCP quadruple) is needed to be able
> to distinguish between boxes behind NAT, e.g. when they are firewalled.
NAT is not a firewalling technique. Without a proper firewall on
top of NAT, is is possible to break into systems behind NAT boxes.
Wietse
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]