Re: Information on Raptor

[kos () BASTARD NET (kos)]

For what it's worth, I've been running Raptor 5 and 6 on solaris 2.6 for a
year. I don't think I've seen a more broken product:

o The gui has more bugs than I want to remember
o The firewall forgets rules, especially when groups of hosts are involved
o The machine panics repeatedly, classic ip filtering bug where the solaris
  scheduler performs an unaligned memory access. No, it isn't the os.
o The implementation of packet filtering doesn't make sense, at least to me
o The http proxy coredumps when trying to calculate statistics, as of 6.02
  patched
o The udp plug gateway (udp_gsp) has socket caching problems. It drops packets
  rather than dropping cache entries. PCAnywhere freezes it solid.
o dnsd (their own DNS implementation) doesn't check for spoofed replies and is
  unmanageable via the GUI (bugs) and command line (it uses /etc/hosts).
o The main raptor process (gwcontrol) leaks memory. I'm forced to reboot once
  every two weeks (not for long; this product will be kicked out soon)
o Tons of undocumented options that you have to look for using strings. Like,
  how do you rule synchronize two raptor boxes? How do you update your url
  white list via the command line?
o You can't define ranges of ports to be used in plug gateway fashion.
o No resiliency. I think stonesoft now supports it, but it won't change my
  mind about the product.
o Vendor support is nonexistant for the above problems. They don't even know
  what a kernel core file is, let alone be able to examine it.

The fact is we're pushing the box hard in some cases, but that's no excuse.
The iron it runs on can push quite a lot of packets/io.

I'm pretty certain they've shifted to mainly supporting NT, and bless them
for that since the Unix market doesn't need such products.

Later,
Kos

--