RE: Paper: Unverified Fields - A Problem with Firewalls & Firewall Technology Today

["Ofir Arkin" <ofir () itcon-ltd com>]

Ok.

My thinking was on providing a short paper, not a long one that nobody will
read.
I'll revise the paper and produce much more examples.
It'll take some time doh (well I am busy as well - working for example :P).

Thanks fr the comments
Ofir


-----Original Message-----
From: Mikael Olsson [mailto:mikael.olsson () enternet se]
Sent: Monday, October 16, 2000 8:38 AM
To: Ofir Arkin
Cc: Firewall-Wizards
Subject: Re: [fw-wiz] Paper: Unverified Fields - A Problem with Firewalls &
Firewall Technology Today



Ofir,

Ofir Arkin wrote:
> The following problem (as discussed in this paper)
> has not yet been identified. Certain firewalls today,
> will not authenticate the validity of certain protocol
> fields, within the packet they are processing.

You make very broad, sweeping allegations in your
paper. For instance:

> The firewall devices presented in today’s market simply
> do not supply us with the solution.

Could you be a little more specific? Which firewalls
have you tested except for FW-1? It has a very broad
installed base, which indeed makes your probes a
large-scale problem. However, it is _not_, contrary
to popular belief, the product to define the term
"firewall" by.

Regards,
Mikael Olsson

--
Mikael Olsson, EnterNet Sweden AB, Box 393, SE-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 29 92 00         Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636        Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/       E-mail: mikael.olsson () enternet se

On bosses and technology: "There are bosses who don't know, and there
are bosses that don't know that they don't know" /Anonymous techie


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards