Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: SSL

Re: SSL

From: <teo_at_gecadsoftware.com>
Date: Wed, 17 Oct 2001 16:32:46 +0300

Hi Crumrine,!
On Tue, 16 Oct 2001, Crumrine, Gary L wrote:

>
> Just a quick question on SSL. If I allow SSL outbound, and a user
> browses a web site that is corrupt with something harmful like NIMDA, is it
> possible that they will infect my network... and will the firewall not pass
> it along without checking?
If you allow SSL only for already established connection, I don't think so.
>
> If true, how can I combat this? Is there a product that will stop
> the packets and inspect them before being returned to the requester?

I guess, in terms of iptables if you add -m state --state ESTABLISHED,RELATED
to accepted packets from outside then you are safe.

-- teodor
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Received on Oct 18 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]