RE: [squid-users] mIRC

From: Robert Collins <robert.collins@dont-contact.us>
Date: Wed, 27 Feb 2002 23:57:05 +1100

> -----Original Message-----
> From: Joe Cooper [mailto:joe@swelltech.com]

> As you
> may know, though, many folks mistakenly believe that sending
> everything
> through a 'proxy' (no matter what kind of proxy) is somehow
> inherently
> more secure than a correctly firewalled and segmented
> network...

Given the quality of apps that I see on a day to day basis, and a definition of firewall that limits the changes to layer3, maybe 4, then I'm willing to argue this one anytime.

The security point of a proxy is that it can
A) Remove/prevent known compromises of applications
B) Enforce the rules of the protocol

Both of which can greatly aid security. For example: squid can filter nimda attacks before they get near IIS servers (in acceleration mode).

Rob
Received on Wed Feb 27 2002 - 05:57:08 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:33 MST