Re: Firewall robustness

[Bernhard Schneck <Bernhard_Schneck () genua de>]

In message <97Oct2.123502gmt+0100.15235 () ddnfw0 namsa nato int> you write:
> This being said here is my question: Is it correct to believe that
> attacks directed against the TCP/IP stack (like the famous (infamous?)
> OOB attack family ) could lead to crash an NT Firewall where a Unix
> based firewall should continue to run?

Well ... there were a bunch of Unix based (or lookalike) systems
which were affected by ping-of-death (for more information, see
http://www.sophist.demon.co.uk/ping/)

So generally I'd say *every* system may be vulnerable, unless its
TCP/IP (and other kernel services) implementation has been formally
proven to be correct (Ha Ha Ha!)

On the other hand, many Unix systems have been beaten pretty hard for
the last 20 some years, so the more obvious bugs should be fixed by
now (but several vendors take incredibly long for getting out fixes).

NT is being targeted since one or two years and does pretty well
(considering the company it comes from :-), but may still need some
more shaking (IMHO).

\Bernhard.