Linux Today: Linux News On Internet Time.

Security Portal: Firewalls - The Application Filter and Proxy

Feb 16, 2001, 07:34 (0 Talkback[s])
(Other stories by Kurt Seifried)

"Application proxies and filters are also becoming increasingly common. The reasons for deploying them are numerous, from simply speeding up access to certain services (for example by using a Web proxy) to filtering and access control and buffering internal servers against the Internet. Most application proxy servers can be attacked at the network level, but this will generally not result in a compromise of the server or movement of packets past the proxy server."

"It is much more common (and productive in most cases) to attack the proxy software itself, as it tends toward large complicated packages of software. Because application proxies work at the application layer, the data packets have been reassembled and turned into their respective data formats. The proxy then handles the data in some manner, from simply passing it on, to possibly relabeling the request."

"If a service is interactive, such as WWW, it can strip incoming data of dangerous items, such as Web cookies or browser type requests. Application proxies and filters allow you to reassemble the data and inspect it. Scanning for viruses is one common requirement, and generally cannot be achieved by a network layer proxy or firewall."

Complete Story

Related Stories: