Firewall Wizards mailing list archives
Checkpoint's supported services
From: Jeromie Jackson <jeromie () garrison com>
Date: Wed, 30 Sep 1998 11:36:25 -0700
Upon review of various configuration programs within Firewall-1 it became quite apparent that the large number of supported services on Firewall-1 are simply plugs (or whatever you care to call it) through the firewall. Basically what Checkpoint has done is pre-configured known ports/services into the box to where you can easily turn them on. These services are not actually being secured based on any application-level knowledge, nor are they secured @ lower layers, other than supporting a stateful implementation of UDP. This being said, I find it comical that Checkpoint touts there large service support. Any application level gateway I'm familiar with could also implement such a task by mearly setting up all the plugs, just not turning them on. Checkpoint has sold a lot of boxes based on the amount of services supported. I find this terribly comical... The commercial market sure is gullable as hell, isn't it.. Jeromie Jackson -CISSP Garrison Technologies 760-633-1843 jeromie () garrison com Web: http://www.garrison.com
Current thread:
- Checkpoint's supported services Jeromie Jackson (Oct 01)