Re: Proxy 2.0 secure?

[Vanja Hrustic <vanja () siamrelay com>]

At 07:21 PM 6/24/98 -0400, Gillian Steele wrote:
>    "We bombarded seven top-selling NT firewalls with nearly
>     300 forms of attack—without finding any significant security
>     loopholes."
>
> MSP 2.0 was one of the products tested during the exercise.

"As in previous security tests, we used Safesuite, an intrusion detection
tool from Internet Security Systems (ISS, Atlanta). Version 5.0 pokes and
prods each firewall with 288 different attacks, three times more than we
used last year (see "Test Methodology" ). "

[no comments needed about 'how extensive' the test was]

> Personally, I'm willing to put my faith in those magazines that actually do
> real-world testing, to back up their claims,   and the claims of Data
> Communications about the "soundness" of  the NT-based Firewalls, including
> MSP 2.0 seem sound enough to me.

Real-world testing is *not* running a scanner against
firewall/unix/whatever. Can Safesuite tell you if ns.nasa.gov has a
username 'test' with password 'nasa'? Of course not, but in 'real world',
you *could* try that as well. In 'real world', you can have 20.000$
firewall on internet 'side', but you also can have small, forgotten unix
machine connected to x.25 with test/test account, in example... Plenty of
other 'real-world' examples.

[just to prevent 'flames', this comment was directed to 'real-world
testing', not to 'is ms proxy 2.0 secure enough?', or "is it sysadmins
fault to have test/nasa account?"]

I would like to see some extensive security testing against firewalls,
similar to one that SNI made against IDSs. Is there something similar
available on the net? [or at least close, just not "we used ISS against
FW-1" tests...]

Vanja

Vanja Hrustic
Information Systems Manager
Siam Relay Ltd.
http://www.siamrelay.com
vanja () siamrelay com
Phone: +662-616-8628
Fax: +662-272-6516