Firewall Wizards mailing list archives
Re: Firewall Primitives
From: Predrag Zivic <pzivic () yahoo com>
Date: Sun, 10 Nov 2002 09:00:16 -0800 (PST)
The fact that there are HUGE numbers of new protocols and many of them are designed by idiots, poorly documented, and proprietary makes packet-filtering firewalls nearly a necesssity. It's why (in the early days) CheckPoint did so well: you could let some braindamaged cruft through a checkpoint more easily than through a proxy firewall. Note: I said "let through" not "secure" - though there were people who felt that going and telling a firewall "let Oracle back and forth on port XYZ" meant that the firewall was somehow "securing Oracle." Fortunately Oracle is now unbreakable...
Hey, I would add PIX to the exact same group. It is the quickest firewall out there, since it does let through everytihing:-)) Marcus, you are exactly on the spot with protocols and security. Well, I think that in the next two years, morronic stuff like "secure filtering" and "Six As of Security" will die down as people become more educated, or am I just dreaming... It is upon us to fight with "we secure everything" marketing claims; or are we going to be a group of Don Quihotes... pez __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewall Primitives, (continued)
- Re: Firewall Primitives Crispin Cowan (Nov 06)
- Re: Firewall Primitives Marcus J. Ranum (Nov 06)
- Re: Firewall Primitives Devdas Bhagat (Nov 06)
- Re: Firewall Primitives Marcus J. Ranum (Nov 06)
- Re: Firewall Primitives Devdas Bhagat (Nov 07)
- Re: Firewall Primitives Adam Shostack (Nov 09)
- BS claims (was Re: Firewall Primitives) Marcus J. Ranum (Nov 09)
- Re: Firewall Primitives Mikael Olsson (Nov 09)
- Re: Firewall Primitives Marcus J. Ranum (Nov 09)
- Re: Firewall Primitives Christopher Hicks (Nov 10)
- Re: Firewall Primitives Predrag Zivic (Nov 10)
- Re: Firewall Primitives Stephen P. Berry (Nov 11)
- Re: Firewall Primitives Cat Okita (Nov 11)
- Re: Firewall Primitives Paul Robertson (Nov 11)
- Re: Firewall Primitives Stephen P. Berry (Nov 11)