Security Basics mailing list archives

RE: Software/Hardware Firewall


From: "Jon Pastore" <jpastore () idetech net>
Date: Wed, 16 Apr 2003 15:43:13 -0400

I've never cared about hardware versus software, as long as the job got done.
I mean, technically you would have fewer problems with hardware (someone's
going to flame me for that). The reason I say this is I have a Dell
server using iptables with 2 NICs and you would think everything would
be fine...well, the driver that kudzu picked was deprecated by Red Hat
and I had this problem where something got overflowed or hung
...whatever... and iptables said I can't deal with this let the packets
FLOW...all goes back to this deprecated driver...if it's deprecated
remove it...I understand leaving in nslookup but drivers? Come on, that
was a potential bad problem that we were lucky we found first...

Anyway, we're purchasing a WatchGuard Firebox 1000; this thing seems
pretty kewl...

Jon Pastore, President
IDE Tech, Inc.
(954) 360-0393 Office
(954) 428-0442 Fax



-----Original Message-----
From: D K [mailto:dk1088 () hotmail com] 
Sent: Tuesday, April 15, 2003 11:58 AM
To: security-basics () securityfocus com
Subject: Software/Hardware Firewall




I know that many arguments can be made pro/con for software over
hardware firewall devices/appliances, but I am curious...are there
documented cases of exploits or vulnerabilities in software firewalls,
either at the client level or on a device/appliances?  I have heard many
times, better hardware, separated from the clients is the way to go for
firewall, and myself subscribe to a hardware device that is separate.  I
am not looking for arguments either way (as long as you are arguing
about using one, not against using one!), but am looking for known
issues, cases where firewalls placed on client pc's had their OS
attacked with the firewall sitting right there, not doing the job it is
expected to be doing...this is for personal knowledge, not for a
business case scenario, but could apply in the future.  Thanks, all!


