Firewall Wizards mailing list archives

Tristrata (was RE: Port funnels?)

From: "Marcus J. Ranum" <mjr () nfr net>
Date: Thu, 15 Apr 1999 12:21:20 -0400

Technical Incursion Countermeasures wrote:

I'd be quite careful about using TriStrata if I was you.. for referece you
might want to read some of the papers Bruce Schneier has written regarding
it.. also note that TriStrata is backing away from the crypto side rather
rapidly.. to the extent of dumping the old CEO and putting in someone new...


I've gotta second that one. I read a few of the press releases
and documentation about how their system purportedly works. It's
beyond dumb. If I recall, they are shipping "one time pads" around
the 'net, encrypted with a normal encryption algorithm (blowfish,
I think, ironically). Research before you buy.

There's a lot of snakeoil out there, unfortunately. There was also
a company producing a "power one-time pad" - also to be avoided.
(It used the IP address and a repeating password which was sent
over the 'net in the clear to seed an autokey based on some mixing
algorithm that isn't even as good as DES)

mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr

Current thread:

Port funnels? Stout, Bill (Apr 13)
- Re: Port funnels? David Gillett (Apr 14)
- <Possible follow-ups>
- RE: Port funnels? Stout, Bill (Apr 15)
  - RE: Port funnels? carson (Apr 15)
- RE: Port funnels? Technical Incursion Countermeasures (Apr 15)
  - Tristrata (was RE: Port funnels?) Marcus J. Ranum (Apr 15)
    - Re: Tristrata (was RE: Port funnels?) -reply mht (Apr 15)