Fwd: Re: [fw-wiz] RFC3514 - Evil Bit

>Delivered-To: firewall-wizards@honor.icsalabs.com
>From: "Steven M. Bellovin" <smb@research.att.com>
>To: "Paul D. Robertson" <proberts@patriot.net>
>Date: Wed, 09 Apr 2003 10:39:36 -0400
[...]
>Status:  
>
>In message 
><Pine.LNX.4.33.0304082050140.21230-100000@gargoyle.users.patriot.net
>>, "Paul D. Robertson" writes:
>>On Tue, 8 Apr 2003, Weil, Timothy R (BearingPoint) wrote:
>>
>>>  Date: Tue, 8 Apr 2003 17:18:27 -0500
>>              ^[1]
>>>
>>>      How will the "evil bit" be manipulated to detected MALWARE directed
>>>      at firewalls?  ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt
>>
>>Only one vendor has announced compliance, and AFAICT, the deadline for
>>their release hasn't been reached yet.  Also, there wasn't a mention of
>>complying with the NAT provisions.
>>
>>What I think needs to happen is that you need to attend the working group
>>session on the first anniversary to lobby for its implementation.  Since
>>it's obviously good enough for a standards track, maybe we'll see some
>>significant official support by then...[2]
>
>
>I've gotten some amazing responses, with not a few from people who took
>it seriously.  See http://www.research.att.com/~smb/3514.html for a
>summary.
>
>
>		--Steve Bellovin, http://www.research.att.com/~smb (me)
>		http://www.wilyhacker.com (2nd edition of "Firewalls" book)
>
>
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards@honor.icsalabs.com
>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

lm

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List