On Thu, 6 Jan 2000, Dave J Woolley wrote:
> > From: Merton Campbell Crockett [SMTP:mcc@TO.GD-ES.COM]
> >
> > A transparent Telnet proxy changes the source address presented to the
> > target system.
> >
> That requires a masquerading router (or more generally,
> Network Address Translating) not an application level
> proxy. For example, this is a kernel level function in
> Linux whereas a user level application is needed for
> application layer proxying.
Huh! There is no requirement for Network Address Translation. Nor, is
there a requirement for a masquerading router. We're talking about a
transparent Telnet application proxy.
The transparent Telnet application proxy predates masquerading routers and
Network Address Translation by two decades.
> > Depending upon local security policies, the user may, or may not, be
> > required to authenticate. If required to authenticate, usage restrictions
> > may be applied based on the specific user.
> >
> That's not transparent.
Transparent defines how the packets are intercepted or acquired. It does
not mean that the user is unaware that the proxy is present. Or, that he
may be required to enter a UserID and password.
> > If authentication is not required, the use of a transparent Telnet proxy,
> > typically, regulates Telnet usage by limiting the resources available for
> > establishing a connection.
> >
> That can be done using bandwidth shaping in the router at
> just below the transport layer, rather than the application
> layer.
Interesting, but unrelated to firewalls and transparent Telnet proxies.
Merton Campbell Crockett
Received on Thu Jan 06 2000 - 14:52:04 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:15 MST