Firewall Wizards mailing list archives

Re: bodacion

From: Crispin Cowan <crispin () wirex com>
Date: Mon, 20 May 2002 15:36:36 -0700

Dave Piscitello wrote:

Has anyone had an opportunity to talk with or play with this
embedded server? They claim it's unhackable and crashproof,
built on what appears to be a proprietary OS but supporting

web over IP, SSL, etc.

I have not actually played with the product, but it is fun to play "spotthe snake-oil claim" on their web site :)


   * A "virus proof" web server. As compared to all those virus
     problems that Apache has :)
   * "Biomorphic technology" blah blah ... custom/proprietary
     (pseudo?)random number generator. As if that's the biggest
     security risk on a web server. Consider Schneier's views on the
     use of private ciphers, especially those with large & unusual
     technical terminology.
   * "No operating system" claiming that the Code Red problem was
     OS-related, when it was actually a buffer overflow in IIS (IIRC,
     it was an IIS add-on).

But as I've said, I've never actually looked at a Bodacion. Who knows,perhaps it really is hacker proof :)

Disclaimer: My company also sells a security-hardened web server, sothese really are the views from a competitor. But the reasons I claimour product is more secure get published in places like USENIX.


Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Re: bodacion Crispin Cowan (May 21)
- Re: bodacion Dave Piscitello (May 21)
- <Possible follow-ups>
- Re: bodacion David Klann (May 21)
  - Re: bodacion Carric Dooley (May 22)
- RE: bodacion Christopher Gripp (May 21)
- RE: bodacion Philip J. Koenig (May 22)