Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] PIX vs CheckPoint

from [Jeff Kell] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] PIX vs CheckPoint
Date: Tue, 29 Jun 2004 23:01:52 -0400 
Eric Paynter wrote:

On Tue, June 29, 2004 4:57 pm, Gary E. Miller said:

I agree, except for one small problem.  Don't you still have to delete
ALL the filter rules, and reenter them ALL to change the order of the
rules?


I don't administer the PIX boxes, so I don't know the details of the
interface. My statements were based on what the admins told me. However,
isn't the beauty of any CLI app that you can do all your administration
through simple scripts?

Sometimes it is an erase-and-redo operation, sometimes not; depends on the task you are trying to do and the software release. Someone earlier mentioned the PDM (PIX Device Manager) being a nightmare, but I find it to be absolutely wonderful for certain tasks. You don't want to use it for batch/bulk updates/configs, but it certainly has its strong points (especially current versions of PDM and PIX software).

And yes, PIX logs are extremely verbose <ahem>. Especially if you have it log URLs (which we aren't, but still get 5-10 gigs/day of logs).

Jeff


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] Tools for checking for presence of adware remotely, Nancy Kramer
Next by Date:  Re: [Full-Disclosure] Tools for checking for presence of adware remotely, Joseph Pierini
Previous by Thread:  Re: [Full-Disclosure] PIX vs CheckPoint, Eric Paynter
Next by Thread:  Re: [Full-Disclosure] PIX vs CheckPoint, Simon Burr
Indexes:  [Date] [Thread] [Top] [All Lists]