--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

I spend the last two days at "Microsoft Security Days" in Paris while I
was spammed with "M$ does it", "M$ is great", yadda yadda... When I put
the commercial aspect away, there ISA server 2004 looks pretty nice.

To sum up, it is a firewall that can deal with network flow at
application level (aka ISO layer 7) - that is, it can block data flow if an
HTTP/SMTP/... command is known to be bad (too long, attack signature, ...).

My question is, using NetBSD ;), what is the way to validate network flow
at level7 ? Is it postfix that can kill a session (for eg) if the HELO
command gets more than "64" chars ? Is it squid that can terminate a
session if it see URL patterned like "GET blabla.php?vars=3DDOSme\n\n\n\n"
? How do we do this is the free world (didn't find anything on
google|freshmeat - but I may not have use the right search pattern).

TIA,
	Jo
--=20
,- This mail runs ------.
`--------- NetBSD/smtp -'

--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (NetBSD)

iD8DBQFECZJ30/VH7L7F7Y4RAqB0AJ92sR40pSnmxqHUumsmpFY6Fg6DdwCfUtDX
BBm99QZuHgo9+gazziFHwEk=
=z39u
-----END PGP SIGNATURE-----

--envbJBWh7q8WU6mo--