Firewall Wizards mailing list archives
PIX sux? (was Re: Start watching your logfiles folks!)
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Wed, 22 Dec 1999 19:19:45 -0800
Since PIX is a network level firewall, there are quite a few OSI levels that can be used to attack you...
...The PIX can't really touch layer 1, is that what you meant?
Although your site is under attack PIX will not report any errors or stop the unauthorized activity.
My FW-1 firewall (which is the same basic technology as the PIX) reports on and protects from quite a few things. I can't personally make any claims about the correctness of the PIX code, but there are no problems with it's design from a theoretical standpoint. If you've got some specific information, I'm sure we'd like to hear it. If not, it sounds rather like you're making unfounded statements, and want to start the SPF vs. Proxy debate again. (Which I'll stay out of this round... I've got a brand new baby keeping me from sleeping. MJR, you let the flamebait through, so don't complain at me. :) ) Ryan
Current thread:
- PIX sux? (was Re: Start watching your logfiles folks!) Ryan Russell (Dec 24)
- <Possible follow-ups>
- Re: PIX sux? (was Re: Start watching your logfiles folks!) Predrag Zivic (Dec 26)
- RE: PIX sux? (know Stateful vs Application) Shaun Moran (Dec 27)
- RE: PIX sux? (know Stateful vs Application) Frederick M Avolio (Dec 28)
- RE: PIX sux? (know Stateful vs Application) David Lang (Dec 28)
- RE: PIX sux? (know Stateful vs Application) Dom De Vitto (Dec 28)
- Re: PIX sux? (know Stateful vs Application) Darren Reed (Dec 30)
- RE: PIX sux? (know Stateful vs Application) Shaun Moran (Dec 27)
- Re: PIX sux? (was Re: Start watching your logfiles folks!) Ryan Russell (Dec 27)