Firewall Wizards mailing list archives
Re: Q on external router
From: tqbf () secnet com
Date: Thu, 23 Apr 1998 15:15:18 -0500 (CDT)
Thus, in my opinion (but have a look at my email address to see that I could be biased ;-) ), the switch can increase the DMZ security if: - it uses static mapping - as you put part of your security in the switch configuration, you must obviously secure your switch config (OTP, ACL, management via console only, ...)
What about problems that fault the switch itself? We have seen bugs that crash 3Com switches due to poor IP stack implementation; Cisco is aware of bugs that affect their Catalyst platforms as well. What assurance do we have that switches are implemented with the same attention to security as firewalls? ----------------------------------------------------------------------------- Thomas H. Ptacek Secure Networks, Inc. ----------------------------------------------------------------------------- http://www.enteract.com/~tqbf "If you're so special, why aren't you dead?"
Current thread:
- Q on external router Vinci Chou (Apr 22)
- Re: Q on external router Vinci Chou (Apr 22)
- Re: Q on external router Bennett Todd (Apr 22)
- Re: Q on external router Bernhard Schneck (Apr 22)
- Re: Q on external router Eric Vyncke (Apr 23)
- Re: Q on external router tqbf (Apr 23)
- Re: Q on external router Eric Vyncke (Apr 24)
- Re: Q on external router tqbf (Apr 24)
- Re: Q on external router Vinci Chou (Apr 22)
- RE: Q on external router Andrew J. Luca (Apr 24)
- Re: Q on external router Marcus J. Ranum (Apr 23)
- Re: Q on external router tqbf (Apr 23)
- Re: Q on external router Paul D. Robertson (Apr 24)
- Re: Q on external router Eric Vyncke (Apr 24)
- Re: Q on external router tqbf (Apr 24)