Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

IIS buffer overflows and firewalls
From: Joseph Steinberg <Joseph () whale-com com>
Date: Thu, 10 May 2001 11:52:32 -0400

The application-control engine of Air Gap technology is designed to allow
you to generate granular rules for the application at hand, without
arbitrarily selecting a maximum length (although you can also set length
requirements). The filtering takes place behind a physical
disconnection (and secure reverse proxy).

Inspection can be based on examining the URL itself, the parameters, the
HTTP methods, etc. - both length and values can be examined, and only
acceptable URLs are allowed to pass to the server. It all happens on the
safe side of the air gap, so hackers cannot bypass the inspection.

You do not need to restrict all of the URLs with global rules -- you can
set rules per URL as well. The rules would be based upon what the back-end
applications support; in fact, you could even "record" legitimate usage of
the application and have the system generate rules for you (which you can
tweak as necessary).

-- Joseph Steinberg

           (_.-.\         Joseph Steinberg
       .-,       `        Director of Technical Services
  .--./ /     _.-""-.     Whale Communications
   '-. (__..-"       \
      \          a    |   joseph () whale-com com
       ',.__.   ,__.-'/   (201) 947-9177 x1511
         '--/_.'----'`    http://www.whalecommunications.com

Register for a live web demo of Whale's e-Gap System
Tuesday, May, 22, 2001; 12:00 pm Eastern Time; 11:00 am Central Time; 9:00
am Pacific Time.

Visit us at Booth 7215 at Networld+InterOp in Las Vegas, May 8-10.

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]