Firewall Wizards mailing list archives

Re: IP filter - Fw1 comparison

From: Johan Allard <johan () allard nu>
Date: Sat, 27 Jan 2001 12:52:45 +0100 (CET)

On Sat, 27 Jan 2001, Chris Keladis wrote:

Since firewalls should be silent it shouldn't be possible to make
sites like http://www.netcraft.com/survey/ with automated tools for
calculating market share.


Well be carefull there.. A firewall 'should not' mess with the upper
application layers like http, unless it provides proxy services.

To my knowledge IPFilter does not do this.. I'm not sure but i dont think
Checkpoint does either (at least for WWW).

The Netcraft survey compares WWW servers, not firewalls.

Yes, exactly. For webservers it is easy to do comparison, connect and the
webserver will tell you. An IP filter firewall is very silent, a
FireWall-1 is often responding to some of the ports 256-261, a Raptor
allways has some ports open like usenet-news 119, others a recognizable
via other fingerprinting. Since these tests are quite intrusive I don't
think that anyone could set up a server doing them in order to provide som
statistics. So how can we tell what firewall is the most popular?

//johan

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

IP filter - Fw1 comparison Johan Allard (Jan 26)
- Re: IP filter - Fw1 comparison Chris Keladis (Jan 29)
  - Re: IP filter - Fw1 comparison Johan Allard (Jan 29)
- <Possible follow-ups>
- RE: IP filter - Fw1 comparison Johan Allard (Jan 29)