Firewall Wizards mailing list archives
Re: SANS Top Ten and Commercial Firewalls
From: "Ryan M. Ferris" <rferris () rmfdevelopment com>
Date: Thu, 3 Oct 2002 14:47:16 -0700
An interesting variant on this is the DARPA sponsored Linux compiler that compiles software (including Linux) without some of the known security loopholes found in ordinary C compilers: www.immunix.org

This is probably no substitute for careful validation and verification of the code with respect to security guidelines (i.e. NIST common criteria, etc.); however, it is another good tool to prevent the deployment of insecure code. Without extensive black box testing, I don't know how you would do this on software for which you don't have the source.

Ryan M. Ferris
rferris () rmfdevelopment com

----- Original Message -----
From: "m p" <sumirati () yahoo de>
To: "Anton A. Chuvakin" <anton () chuvakin org>
Cc: <firewall-wizards () honor icsalabs com>
Sent: Thursday, October 03, 2002 10:42 AM
Subject: Re: [fw-wiz] SANS Top Ten and Commercial Firewalls

--- "Anton A. Chuvakin" <anton () chuvakin org> wrote:
> Devdas and all,
>
> Just out of curiosity.
>
> proftpd, vsftpd, pureftpd ... Postfix/Qmail ...
>
> Is there any evidence that helps decide whether it's more secure because it's written better or because it's used less?

Hi Anton,

there are programs out there which were written with security in mind. As there are postfix, qmail, djbdns, daemontools, tcpwrappers, .... Those are believed to be secure (and checked/reviewed) by many people. The argument "because it is used less" should be carefully mentioned. Now Netware is seldom used - but as shown at the blackhat conference in Vegas this year there are many ways to gain more access than what you were granted ...

Marc

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards