Firewall Wizards mailing list archives
Re: FW-1: Questions about DHCP and IPX
From: Henry Hertz Hobbit <hhhobbit () icarus weber edu>
Date: Wed, 23 Sep 1998 19:02:17 -0600 (MDT)
On Tue, 22 Sep 1998, Marcus J. Ranum wrote:
Jason L. Snowden wrote:P.S. I don't know if this affects you or not, but FW1 has quite a bit of Iraqi-written code in it, and the source code for it was recently published in the Gov't/Mil circles, so exploits will be soon to follow surely. It has been banned for use by Government installations for these reasons. They seem to have a problem with a firewall which was written by a nation hostile to the United States. No clue why. ;)Uh, Jason, I feel obligated to challenge you to substantiate this rather grandiose claim.
<BIG SNIP>
Further, you assert that it's been banned for use at Gov't installations -- WOW that's big news. As someone still involved in companies that do firewalls, I expect I'd have heard such huge news. Can you substantiate it? Can you point to a SINGLE PLACE where such a policy has been issued?? As soon as you do, we'll all run out and short CHKPF. But not until you can offer a shred of proof.
I know of two major government institutions using FW1, one of which recently switched to it from Gauntlet. No, I can't tell you how I found out, or even who they are. From the last thing I heard they have no intention of changing.
Lastly, Israel, the nation in which Checkpoint's product was written, is not (to my knowledge) overtly hostile to the United States. Or are you seriously hooked into some privy diplomatic channels, as well??
Overtly hostile, no. But tacitly not *always* in accord with what the United States wants, yes. As for Mossad, the fact that they have a serious problem with human rights abuses, who can tell what they are up to? I have a feeling that even the Israeli government doesn't know what they are doing 90% of the time, just like our government doesn't know what the FBI or CIA are doing most of the time. As to the source code being available to certain sources in this country, it stands to reason that it would be available to some government site if they are using it. Any major user of a product can frequently ask for and get this, not just the government. If one vendor doesn't give it to them, they will go some place else where they will get it. HHH
Current thread:
- FW-1: Questions about DHCP and IPX Jim Hebert (Sep 15)
- Re: FW-1: Questions about DHCP and IPX Chris Brenton (Sep 17)
- Re: FW-1: Questions about DHCP and IPX Calvin Ng (Sep 17)
- <Possible follow-ups>
- Re: FW-1: Questions about DHCP and IPX Jason L. Snowden (Sep 22)
- Re: FW-1: Questions about DHCP and IPX Marcus J. Ranum (Sep 23)
- Re: FW-1: Questions about DHCP and IPX Henry Hertz Hobbit (Sep 24)
- Re: FW-1: Questions about DHCP and IPX Darren Reed (Sep 24)
- Re: FW-1: Questions about DHCP and IPX Joseph S. D. Yao (Sep 24)
- Re: FW-1: Questions about DHCP and IPX Adam Shostack (Sep 25)
- Re: FW-1: Questions about DHCP and IPX Marcus J. Ranum (Sep 23)
- Re: FW-1: Questions about DHCP and IPX Kevin Steves (Sep 29)
- Re: FW-1: Questions about DHCP and IPX Adam Shostack (Sep 29)
- Re: FW-1: Questions about DHCP and IPX Marcus J. Ranum (Sep 29)
- BorderManager, was Re: FW-1: Questions about DHCP and IPX Kjell Wooding (Sep 24)