[WEB SECURITY] Firewall recommendations

Maxim Kostioukov maxim at francoudi.com
Wed Jun 8 09:11:39 EDT 2005


Regarding their web app firewall - TrafficShield, it might be vulnerable to HRS attack, the one described recently in the list.
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

Additionally, when I was reading that "TrafficShieldTM protects against entire classes of HTTP and HTTPS based threats (both known and unknown)" from their brochure (http://www.gsec.co.uk/pdf_files/magnifire-brocuhre.pdf) I was wondering how attack prevention is possible for "unknown threats"...

> -----Original Message-----
> From: Gavin McDougall [mailto:lists at mediamill.co.za]
> Sent: Wednesday, June 08, 2005 3:22 PM
> To: websecurity at webappsec.org
> Subject: [WEB SECURITY] Firewall recommendations
> 
> 
> 
> Hi there,
> 
> I need any comments, suggestions or recommendations on a firewall 
> solution for a web hosting environment.
> 
> My boss is looking at spending a lot of money on a GnatBox appliance 
> firewall but I am arguing that you could probably do the 
> same, if not a 
> better job by using a Linux based firewall solution.
> 
> So if you are using a GnatBox or any other firewall in your 
> web-hosting 
> environment please let us know of your experiences.
> 
> Thanks,
> Gavin
> 
> ---------------------------------------------------------------------
> The Web Security Mailing List
> http://www.webappsec.org/lists/websecurity/
> 
> The Web Security Mailing List Archives
> http://www.webappsec.org/lists/websecurity/archive/
> 
> 

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list