Re: [fwd] Firewall Products: Many Not Ready For Prime Time, Study Says

["-= ArkanoiD =-" <ark () mpak convey ru>]

nuqneH,

=> Date: Wed, 1 Apr 1998 17:29:23 -0600
=> To: C Matthew Curtin <cmcurtin () interhack net>, "Marcus J. Ranum" <mjr () nfr net>
=> From: Rick Smith <rsmith () securecomputing com>
=> Subject: Re: [fwd] Firewall Products: Many Not Ready For Prime Time,
=>  Study  Says

[dd]

=> Reminds me of the first time I paid attention to a magazine's firewall
=> comparison article. They compared performance (the magazine's lab had a way
=> of measuring it). They compared which services could be passed through (the
=> magazine's lab had a way of testing it). They compared user interfaces (the
=> magazine's lab had a way of assessing it). But it seemed like they forgot
=> to assess something or other important about firewalls. Hmmm. Let me see if
=> I can remember what it was. Security features, maybe? Ability to block
=> attacks? Resistance to attack? Not the droids they were looking for, I
=> guess.

Heh. Things are even worse. When i see another magazine article about
firewalls i start crying out dirty words loud and kicking pets. Why?

Nearly every time i see some [censored] like this:

"..security is not the main issue; we tested all the products with ISS
scanner and found no vulnerabilities - so we can say they are all secure
enough. So the main feature is easy (read: GUI) administration - and
NT firewalls are better than Unix ones because installing and using
Unix is not easy - we even failed to install <list here> systems in
our lab".

Bulls**t. And _those_ people do think they are able to talk, say more,
recommend something security-related!?

I've seen that not once and not twice.

--- 
                                       _     _  _  _  _      _  _
   Must be a visit from the dead..     _| o |_ | | _|| |   / _||_|   |_ |_ |_
   CU in Hell ..........  Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|