[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
Fri Jan 31 11:40:54 PST 2003
> Why not just use application-level proxies for mail, web traffic,
> and any other information that needs to go to and from the outside?
> A company IS department is not a general-purpose ISP.
No thanks. I dislike proxies in the sense you're describing. Too many broken
apps which claim compatibility with a proxy but don't actually work. I'll
use my NAT and "super-deluxe" stateful firewall, thanks.
There's security, and then there's realistic security. A reasonably-paranoid
NAT and stateful firewall would have also stopped this. Proxies work great
so long as everyone plays nice. Unfortunately not all applications we run
play nice, and the ones writing the cheques don't particularly care that
fooWare 2000 doesn't play well with proxies, they just want the software they
were sold to work.
More information about the linux-elitists