Firewall Wizards mailing list archives
RE: Checkpoint Question
From: Marcus Goncalves <Goncalves () arcweb com>
Date: Fri, 21 Apr 2000 10:05:47 -0400
Thanks for your constructive feedback. Indeed we've noticed such errors, which some I take ownership for it, others were beyond my control. The book was revised to address these issues and another one with the CD, which did not bring the white papers and there was a typo stating the CD had an eval of FireWall-1, whereas you probably know, Check Point does not provide. What the CD has is an eval of Flood-Gate-1. You probably have an early version of the book. Anyhow, I appreciate your comments, especially as far as repetition, as I'll make sure to improve. Thanks again, and best regards, Marcus Goncalves -----Original Message----- From: Antonomasia To: firewall-wizards () nfr net; sachdev_neal () bah com Cc: goncalves () arcweb com Sent: 04/19/2000 6:55 AM Subject: Re: [fw-wiz] Checkpoint Question Neal,
Is it possible to install a Checkpoint firwall w/o formal training?
If
so, what are some of the resources like books, etc that can be used to do it right the first time. Any kind of help will be highly appreciated.
I'm sure practically anything _can_ be installed without formal training but not necessarily to best effect. One book I heartily deprecate is "Checkpoint Firewall-1 Administration Guide" Marcus Goncalves & Steven Brown McGraw Hill ISBN 0-07-134229-X This book is highly repetitive. For example half of p34 is half of p26 repeated with the odd word changed. IMO people writing for an intelligent readers should expect them to be capable of noticing this. It also reads at times like an advert. Does an admin guide need to refer to "unique, patented" aspects of the system ? There are also sufficient detectable errors that my confidence in the material new to me is rather low. Chapter 1 has an example (p 3,4 fig 1.2) where the text and figure do not obviously match. The text says this shows NAT, but the diagram looks as if it were intended to show a need for anti-spoof ingress filtering. P6 says about firewalling ftp "... port 20 on the internal network machines is still available to probes" in an apparent confusion of source and destination ports. They seem to have MD4 and RC4 confused (on pages 160,164,165). But I only know that after looking it up in the index. I haven't read beyond p46. Contrast TCP/IP Illustrated where I intend to read every word. I've cc'd the address the author gives in the introduction in case he wants to respond to these criticisms. I also have "Firewalls Complete" by the same author but have not looked at that yet. -- ############################################################## # Antonomasia ant () notatla demon co uk # # See http://www.notatla.demon.co.uk/ # ##############################################################
Current thread:
- RE: Checkpoint Question, (continued)
- RE: Checkpoint Question Chris Dinsmore (Apr 19)
- Re: Checkpoint Question Aaron Turner (Apr 19)
- RE: Checkpoint Question Robert Lupo (Apr 20)
- Re: Checkpoint Question Joe Matusiewicz (Apr 20)
- Re: Checkpoint Question Ejovi Nuwere (Apr 20)
- RE: Checkpoint Question Dom De Vitto (Apr 20)
- Re: Checkpoint Question Antonomasia (Apr 20)
- Re: Checkpoint Question Rogue Bolo (Apr 20)
- RE: Checkpoint Question Cannella, Michael (ISS Southfield) (Apr 21)
- RE: Checkpoint Question hermit1 (Apr 26)
- RE: Checkpoint Question Marcus Goncalves (Apr 24)
- RE: Checkpoint Question Oxenreider, Jeff (Apr 27)