Firewall Wizards mailing list archives
Re: bodacion
From: Crispin Cowan <crispin () wirex com>
Date: Mon, 20 May 2002 15:36:36 -0700
Dave Piscitello wrote:
Has anyone had an opportunity to talk with or play with this embedded server? They claim it's unhackable and crashproof, built on what appears to be a proprietary OS but supportingweb over IP, SSL, etc.
I have not actually played with the product, but it is fun to play "spot the snake-oil claim" on their web site :)
* A "virus proof" web server. As compared to all those virus problems that Apache has :) * "Biomorphic technology" blah blah ... custom/proprietary (pseudo?)random number generator. As if that's the biggest security risk on a web server. Consider Schneier's views on the use of private ciphers, especially those with large & unusual technical terminology. * "No operating system" claiming that the Code Red problem was OS-related, when it was actually a buffer overflow in IIS (IIRC, it was an IIS add-on).But as I've said, I've never actually looked at a Bodacion. Who knows, perhaps it really is hacker proof :)
Disclaimer: My company also sells a security-hardened web server, so these really are the views from a competitor. But the reasons I claim our product is more secure get published in places like USENIX.
Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: bodacion Crispin Cowan (May 21)
- Re: bodacion Dave Piscitello (May 21)
- <Possible follow-ups>
- Re: bodacion David Klann (May 21)
- Re: bodacion Carric Dooley (May 22)
- RE: bodacion Christopher Gripp (May 21)
- RE: bodacion Philip J. Koenig (May 22)