Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Security Portal: Firewalls - The Application Filter and Proxy

Feb 16, 2001, 07:34 (0 Talkback[s])
(Other stories by Kurt Seifried)

"Application proxies and filters are also becoming increasingly common. The reasons for deploying them are numerous, from simply speeding up access to certain services (for example by using a Web proxy) to filtering and access control and buffering internal servers against the Internet. Most application proxy servers can be attacked at the network level, but this will generally not result in a compromise of the server or movement of packets past the proxy server."

"It is much more common (and productive in most cases) to attack the proxy software itself, as it tends toward large complicated packages of software. Because application proxies work at the application layer, the data packets have been reassembled and turned into their respective data formats. The proxy then handles the data in some manner, from simply passing it on, to possibly relabeling the request."

"If a service is interactive, such as WWW, it can strip incoming data of dangerous items, such as Web cookies or browser type requests. Application proxies and filters allow you to reassemble the data and inspect it. Scanning for viruses is one common requirement, and generally cannot be achieved by a network layer proxy or firewall."

Complete Story

Related Stories: