Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Gauntlet 6.0
From: Ng Pheng Siong <ngps () post1 com>
Date: Mon, 8 Oct 2001 23:15:52 +0800
Hi,

While awaiting arrival of hardware to install Gauntlet 6.0 on, I've been
perusing the docu. The following come to mind:

- Is the GEMS protocol documented? What are its security properties? (GEMS
  is Gauntlet's centralised firewall management technology.) 

- Plugs-TCP redirect addressing - This appears to require static routing to
  the specific redirected address to be propagated upstream (until some
  NSP/ISP filters it out). Is this how it works? Has any one encountered a
  real-world scenario where this feature is useful?

- This Gauntlet-to-be-installed interposes a WebLogic app server and its
  clients, which are Java servlets on Internet-facing web servers. Is there
  a compelling security reason to use the plug proxy instead of packet
  filtering for the WebLogic t3/t3s protocols? (Doubtless my client's
  techies will cite performance reasons against the proxy...)

TIA for your input. Cheers.
-- 
Ng Pheng Siong <ngps () post1 com> * http://www.post1.com/home/ngps

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
  • Gauntlet 6.0 Ng Pheng Siong (Oct 09)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]