Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1998

NFR Wizards Archive: Re: [fwd] Firewall Products: Many Not Read

Re: [fwd] Firewall Products: Many Not Ready For Prime Time, Study Says

-= ArkanoiD =- (arkmpak.convey.ru)
Thu, 2 Apr 98 10:21:36 +0300

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: David Bonn: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
Previous message: Christopher Nicholls: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
In reply to: Adam Shostack: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
Next in thread: Rick Murphy: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time, Study Says"

nuqneH,

=> Date: Wed, 1 Apr 1998 17:29:23 -0600
=> To: C Matthew Curtin <cmcurtininterhack.net>, "Marcus J. Ranum" <mjrnfr.net>
=> From: Rick Smith <rsmithsecurecomputing.com>
=> Subject: Re: [fwd] Firewall Products: Many Not Ready For Prime Time,
=> Study Says

[dd]

=> Reminds me of the first time I paid attention to a magazine's firewall
=> comparison article. They compared performance (the magazine's lab had a way
=> of measuring it). They compared which services could be passed through (the
=> magazine's lab had a way of testing it). They compared user interfaces (the
=> magazine's lab had a way of assessing it). But it seemed like they forgot
=> to assess something or other important about firewalls. Hmmm. Let me see if
=> I can remember what it was. Security features, maybe? Ability to block
=> attacks? Resistance to attack? Not the droids they were looking for, I
=> guess.

Heh. Things are even worse. When i see another magazine article about
firewalls i start crying out dirty words loud and kicking pets. Why?

Nearly every time i see some [censored] like this:

"..security is not the main issue; we tested all the products with ISS
scanner and found no vulnerabilities - so we can say they are all secure
enough. So the main feature is easy (read: GUI) administration - and
NT firewalls are better than Unix ones because installing and using
Unix is not easy - we even failed to install <list here> systems in
our lab".

Bulls**t. And _those_ people do think they are able to talk, say more,
recommend something security-related!?

I've seen that not once and not twice.

---
                                       _ _ _ _ _ _ _
   Must be a visit from the dead.. _| o |_ | | _|| | / _||_| |_ |_ |_
   CU in Hell .......... Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|

Next message: David Bonn: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
Previous message: Christopher Nicholls: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
In reply to: Adam Shostack: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time,"
Next in thread: Rick Murphy: "Re: [fwd] Firewall Products: Many Not Ready For Prime Time, Study Says"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:10:46 CDT