Vulnerability Development mailing list archives
Re: Information on Raptor
From: djl () MILLER CS UWM EDU (David J Laumann)
Date: Mon, 21 Feb 2000 15:08:21 -0600
> We own a Raptor Firewall for NT Integrated Enterprise Network. The version is 6.0. We've been told (by consultants) that this type of firewall has many flaws.
perhaps it is a language thing, but what is meant by "this type of firewall"? stateful packet filtering? application proxy? nt or solaris based? or the raptor in general? i think you should question your consultants' motives, perhaps they are sincere but more than likely they want to sell you their brand x of firewall - which of course has no flaws. ;-)
> We will need to buy a second firewall to reorganize our security this year, what is (in your opinion) the best machine?
you really need to start with your policies, procedures and practices to find a firewall. the firewall will only be at *worst* as strong as you've configured it. i say that because all firewalls are not equal, you really need to ask: what are you protecting? what's it worth? what sorts of traffic will you allow ingress, egress, both? what services do you allow, http, smtp? do you expect high volume, if so will application proxy work for you? are you monitoring log files, does your firewall even generate logs, do you have an incident response policy/plan? etc... these are the questions your consultants need to be answering if not generating for you. you can have joe's impenetrable firewall(tm) and allow xyz traffic to your buggy application server which just happens to reside on your trusted internal segment and the firewall suddenly has stopped protecting you. now what? having set up and played with a few firewalls like the raptor, interceptor, sonic, cyberguard, pix, ipchains, etc i can say most firewalls (barring some really bad ones) are only as good as they are configured and the audit trails they generate. obviously, the firewall should not be your sole form of defense, but just one more tool used in the implementation of your security policy. since this may be straying off topic i'd be happy to continue the discussion via email, martin...