Network Security: Detailed info on Re: Choosing a firewall (was Re:firewall suggestion)

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Firewalls

[Top] [All Lists]

Re: Choosing a firewall (was Re:firewall suggestion)

from [Bob Noxious] Network Security

[Permanent Link]

Subject:	Re: Choosing a firewall (was Re:firewall suggestion)
Date:	Wed, 23 Feb 2005 22:39:33 -0500

On Tue, 22 Feb 2005 18:20:34 -0600, Kevin <kkadow@gmail.com> wrote:

Just playing devil's advocate here, but shouldn't security appliance selection
be driven by the *security* features implemented by each vendor?  I'd hope
that all vendors are pretty much on equal footing in the arena of stateful
inspection packet filter features, and the real differentiation would be in
layers 5-7, with buzzwords like signature scanning and protocol anomaly
detection and "application layer" attack mitigation taking center stage.


And Checkpoint has claimed such features for years. That didn't stop
Dug Song, Thomas Lopatic, and John McDonald from making total swiss
cheese of Firewall-1 a few years ago based on their authentication,
state table, and application inspection exploits.

Why haven't we seen a similar audit of PIX or Netscreen, in all these years?

Does anyone REALLY know if PIX or Netscreen aren't swiss cheese already?


- Bob N.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: firewall suggestion, (continued) Re: firewall suggestion, charles antrim Re: firewall suggestion, Brian Ford Re: firewall suggestion, Kevin Russell Re: firewall suggestion, Wayne Taylor Re: firewall suggestion, peter zulu RE: firewall suggestion, tom . farrar Re: firewall suggestion, charles antrim Choosing a firewall (was Re:firewall suggestion), Kevin RE: Choosing a firewall (was Re:firewall suggestion), Tom Farrar Re: Choosing a firewall (was Re:firewall suggestion), Kevin Russell Re: Choosing a firewall (was Re:firewall suggestion), Bob Noxious <= Re: Choosing a firewall (was Re:firewall suggestion), Kevin RE: firewall suggestion, Jason Ha RE: firewall suggestion, Eric McCarty RE: firewall suggestion, Jose Maria Lopez Hernandez RE: firewall suggestion, Hesperia DOS-IT Security RE: firewall suggestion, Lamy Vincent Re: firewall suggestion, Vlad Slavoaca RE: firewall suggestion, Kevin Wright Re: firewall suggestion, Chris Buechler RE: firewall suggestion, Javier Otero De Alba

Previous by Date:	Re: Is this a good firewall?, Robert Hajime Lanning
Next by Date:	RE: Checkpoint NG Secureplateform Problem, Andrew Shore
Previous by Thread:	Re: Choosing a firewall (was Re:firewall suggestion), Kevin Russell
Next by Thread:	Re: Choosing a firewall (was Re:firewall suggestion), Kevin
Indexes:	[Date] [Thread] [Top] [All Lists]