Firewall Wizards mailing list archives
Re: bodacion
From: Dave Piscitello <dave () corecom com>
Date: Mon, 20 May 2002 20:06:04 -0400
If they had advertised it as a security hardened server, I would have probably been more inclined to research further. The claims are so overblown, and as you point out, the security "issues" they claim to solve seem like so much misdirection, I'm surprised I haven't seen anyone rant about it... until you :-) Thanks, Dave At 03:36 PM 5/20/2002 -0700, Crispin Cowan wrote:
Dave Piscitello wrote:Has anyone had an opportunity to talk with or play with this embedded server? They claim it's unhackable and crashproof, built on what appears to be a proprietary OS but supporting web over IP, SSL, etc.I have not actually played with the product, but it is fun to play "spot the snake-oil claim" on their web site :)* A "virus proof" web server. As compared to all those virus problems that Apache has :) * "Biomorphic technology" blah blah ... custom/proprietary (pseudo?)random number generator. As if that's the biggest security risk on a web server. Consider Schneier's views on the use of private ciphers, especially those with large & unusual technical terminology. * "No operating system" claiming that the Code Red problem was OS-related, when it was actually a buffer overflow in IIS (IIRC, it was an IIS add-on).But as I've said, I've never actually looked at a Bodacion. Who knows, perhaps it really is hacker proof :)Disclaimer: My company also sells a security-hardened web server, so these really are the views from a competitor. But the reasons I claim our product is more secure get published in places like USENIX.Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
David M. Piscitello Core Competence, Inc. & The Internet Security Conference 3 Myrtle Bank Lane Hilton Head, SC 29926 dave () corecom com www.corecom.com www.tisc2002.com hhi.corecom.com/~yodave/ _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: bodacion Crispin Cowan (May 21)
- Re: bodacion Dave Piscitello (May 21)
- <Possible follow-ups>
- Re: bodacion David Klann (May 21)
- Re: bodacion Carric Dooley (May 22)
- RE: bodacion Christopher Gripp (May 21)
- RE: bodacion Philip J. Koenig (May 22)