Re: firewalling theory

On Thursday, February 7, 2002, at 07:34 PM, marco wrote:

The bad thing about proxies is that one needs a proxy-program that does its thing between the client and the server. For example, if one needs telnet, then the proxy server needs to run an agent that transforms the packets from the client into packets that go to the server. Nice concept, because you do have a physical separation between the client and the server. The bad thing is, let's say somebody comes up with the next killer-app called connectme running on port 1034: the proxy server needs to be re-written to add in the newest agent.

Yep, I work for an extremely large and diversified company; we seem to have more business units than most companies have employees, and in their infinite wisdom they've limited us to http, telnet, and ftp proxies. And I doubt we'll ever get anything else. The ftp proxy sucks so bad, and telnet in general sucks, that thankfully our director was able to get us our own T1 so we could better manage our co-located servers (without telnet). If the CSO knew I had two NICs in my computer, one for the internal network and one for our T1, she'd roast me.


Never trust a top-poster.