|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: FW-1: Questions about DHCP and IPX
Adam Shostack (adam
homeport.org)
Fri, 25 Sep 1998 14:54:16 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Stefan Laudat: "Re: why isn't there a newer linux fw-howto"
- Previous message: Paige.Greenawaysrs.gov: "Re[2]: Netscape Proxy Server"
- Maybe in reply to: steve.gaileydb.com: "Netscape Proxy Server"
- Next in thread: Henry Hertz Hobbit: "Re: FW-1: Questions about DHCP and IPX"
On Thu, Sep 24, 1998 at 02:17:18PM -0400, Joseph S. D. Yao wrote:
| > Don't know about you, but that FW-1 is quite often installed with the
| > ability for anyone to connect to the FW-1 daemon is un-nerving to me.
| > If there were a backdoor, that would be the place to start looking...
|
| One thing I was told ... it doesn't matter whether or how well you
| review the code. CP supposedly can do automatic updates to it, to
| "improve" your firewall. How nice!
This is, unlike many FW-1 comments, a testable hypothosis.
Use tripwire.
Responding to someone else; I know of two commercial
enterprises that have FW1 source available to them. Its apparently
not hard to get if you spend enough money with them and sign the right
NDAs.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -Hume
- Next message: Stefan Laudat: "Re: why isn't there a newer linux fw-howto"
- Previous message: Paige.Greenawaysrs.gov: "Re[2]: Netscape Proxy Server"
- Maybe in reply to: steve.gaileydb.com: "Netscape Proxy Server"
- Next in thread: Henry Hertz Hobbit: "Re: FW-1: Questions about DHCP and IPX"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:47 CDT