Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FW-1: Questions about DHCP and IPX

From: Darren Reed <darrenr () reed wattle id au>
Date: Thu, 24 Sep 1998 19:43:44 +1000 (EST)
In some email I received from Marcus J. Ranum, sie wrote:
[...]

There have been huge numbers of bogus rumors spread about
FW-1, by unscrupulous vendors and self-aggrandizing consultants.
Nobody has ever come forward with a shred of evidence to the
effect that there is anything untoward in FW-1. 2 years ago
I offered a bounty of $2,000 for *PROOF* that there is a
deliberate trapdoor in FW-1 -- nobody has ever come forward
(though Adam Shostack tried to argue that some of the features
of their secure remote management are so clueless as to
constitute a backdoor) :)


One might give cause to wonder at how strong the FWZ1 encryption
is (proprietry crpyto for export) and at some of the default
settings which are implied as necessary - especially where management
is not-local to the box.

Don't know about you, but that FW-1 is quite often installed with the
ability for anyone to connect to the FW-1 daemon is un-nerving to me.
If there were a backdoor, that would be the place to start looking...

Darren
Previous By Date Next
Previous By Thread Next

Current thread: