Firewall Wizards mailing list archives
RE: Multi-media friendly Firewalls
From: carson () tla org
Date: Wed, 2 Feb 2000 10:56:08 -0500 (EST)
OK, I just can't resist such an easy target. For those of you who don't know me, I ported the firewall toolkit to Solaris 2.x many moons ago, and have been dealing with Gauntlet for quite some time. Despite everything I say below, I have yet to find a better product that has source code available and can be configured sans GUI. I just wish I didn't have to fight the broken !@#$%%^ software so much to get work done.
"Staggs" == Staggs, Michael <Michael_Staggs () NAI com> writes:
Staggs> stuff we have all grown used to (lazy) and the UNIX flavors still have the Staggs> option to edit .conf files and netperm tables should you feel more Staggs> comfortable with direct editing. And are willing to reverse-engineer the undocumented config file formats. Staggs> muliple fw policy console management, a long legacy of NO exploits and an *snort* *giggle* You _are_ joking, right? Shall I point out the buffer overflows in the old smap code? I'm sure I still have 4.0a source around. As of 5.5, the most egregious of the wretched code has been fixed, but there's more to do (I mean, really, y'all _still_ can't manage to get signal handling right? Sheesh). Staggs> intrusion detection/response capability and it is a rock solid performer. Except when your kernel mods panic the boxen. Or randomly drop rules. Or... Staggs> I work as an eng for NAI, so my opinion is biased, obviously. Check out the Performance is decent, if you have big enough iron. Documentation and managability are both fairly bad (assuming you have more than one box and need to do anything at all interesting). Code quality was horrendous, and is now merely bad. Given a few more revisions and another dozen or so patches from me and others and we might even get it to mediocre. -- Carson Gaspar -- carson () tla org carson () cs columbia edu carson () cugc org http://www.cs.columbia.edu/~carson/home.html Queen Trapped in a Butch Body
Current thread:
- RE: Multi-media friendly Firewalls Staggs, Michael (Feb 01)
- RE: Multi-media friendly Firewalls carson (Feb 02)
- <Possible follow-ups>
- Re: Multi-media friendly Firewalls ndr (Feb 01)
- Re: Multi-media friendly Firewalls ark (Feb 01)
- RE: Multi-media friendly Firewalls ark (Feb 02)
- RE: Multi-media friendly Firewalls Moore, James (Feb 02)
- RE: Multi-media friendly Firewalls Staggs, Michael (Feb 02)