OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [ISN] Check Point boss snipes at Microsoft's security

From: InfoSec News (alertsinfosecnews.org)
Date: Mon Jun 11 2007 - 02:01:04 CDT

Forwarded from: security curmudgeon <jericho (at) attrition.org>

: http://www.techworld.com/security/news/index.cfm?newsID=9058
:
: By Raphael Fogel
:
: Check Point's chief executive has taken a swing at rival Microsoft,
: saying its security products leave a lot to be desired.
:
: Gil Shwed, also founder of the firewall vendor, made his remarks during
: a lecture on the global security market, before a group of network
: security managers at an IDC security conference in Israel.
:
: "Microsoft has been in the security market for more than ten years. It
: has firewall, VPN, anti-virus capabilities and disk encryption," Shwed
: said. "But it doesn't have the leading products in any of them, and
: apparently, the management and integration levels of its products is
: unsatisfactory."

Why do security vendors insist on waving their virtual penis like this?
Check Point, the same vendor with a steady stream of vulnerabilities in
their enterprise/corporate products since 1998, possibly earlier? The same
maker of Zone Alarm, their personal firewall that is a "$50-million-a-year
business" that has had vulnerabilities published since 2000?

: He refrained from mentioning other rivals like Cisco and Juniper. But he
: did say that security managers at major enterprises don't want to delve
: into the nuts and bolts of the security systems and components under
: offer. What they really want is a certificate guaranteeing that the
: security systems and components meet the regulations.
:
: They want to know their systems will be safe. They care less how that's
: achieved.

Meeting regulations and 'being safe' are NOT mutually inclusive.

Check Point Connectra NGX sre/params.php ICS Security Bypass Jan 25, 2007
Check Point VPN/Firewall Traversal Arbitrary File Access Jul 24, 2006
Check Point VPN-1 SecureClient SR_Watchdog.exe Path Subversion Privilege Escalation Jan 17, 2006
Check Point Firewall-1 Internal Certificate Authority (ICA) Information Disclosure Jan 1, 2006
Check Point VPN-1 SecureClient Security Policy Bypass Dec 7, 2005
Check Point NGX R60 CIFS Rule Packet Verification Failure Sep 7, 2005
Check Point VPN-1 SecuRemote/SecureClient Registry Information Disclosure Jul 20, 2005
[..]

ZoneAlarm Pro vsdatant Driver Local DoS May 1, 2007
ZoneAlarm Spyware Removal Engine (SRE) srescan.sys IOCTL Handling Local Privilege Escalation Apr 20, 2007
ZoneAlarm vsdatant.sys Hooked SSDT Function Local Privilege Escalation Apr 15, 2007
ZoneAlarm VETFDDNT\Enum Registry Key Multiple Function DoS Jul 1, 2006
ZoneAlarm Security Suite VSMON.exe Path Subversion Local Privilege Escalation Mar 8, 2006
ZoneAlarm ShowHTMLDialog() Outbound Filter Bypass Nov 8, 2005
ZoneAlarm Pro DDE-IPC Method Ruleset Bypass Sep 29, 2005
ZoneAlarm Vet Anti-Virus Engine Remote Overflow May 23, 2005
ZoneAlarm vsdatant.sys NtConnectPort() Hook Invalid Pointer Dereference Remote DoS Feb 11, 2005
[..]

_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas,
the world's premier technical event for ICT security
experts. Featuring 30 hands-on training courses and
90 Briefings presentations with lots of new content
and new tools. Network with 4,000 delegates from
70 nations. Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on
June 1 so register today. http://www.blackhat.com