Firewall Wizards mailing list archives
Re: Proxy 2.0 secure?
From: "Mark Horn [ Net Ops ]" <mhornNOSPAM () funb com>
Date: Thu, 25 Jun 1998 09:52:59 -0400
Gillian Steele says:
Personally, I'm willing to put my faith in those magazines that actually do real-world testing, to back up their claims, and the claims of Data Communications about the "soundness" of the NT-based Firewalls, including MSP 2.0 seem sound enough to me.
NT is a pretty big operating system that is tied to its very big user interface. That's a *LOT* of code containing a number of bugs commensurate with the code's size. Bellovin's "Fundamental Theorem of Firewalls" says that's a problem. The idea is that since all code has bugs, the best way to reduce bugs (i.e. security holes) in a firewall is run the firewall with the least amount of code possible. It is exceedingly difficult to do that with NT. So, from my perspective, it doesn't matter what firewall software is running on NT. It will always be more susceptable to bugs than equivalent software running on a trimmed down unix. Until you can remove the bloated GUI from NT, your stuck with its known and unknown bugs - all of which, on a firewall, are security holes. -- Mark Horn <mhornNOSPAM () nospam funb com> PGP Public Key available at: http://www.es.net/hypertext/pgp.html PGP KeyID/fingerprt: 00CBA571/32 4E 4E 48 EA C6 74 2E 25 8A 76 E6 04 A1 7F C1
Current thread:
- RE: Proxy 2.0 secure? Stout, Bill (Jun 23)
- RE: Proxy 2.0 secure? Aleph One (Jun 24)
- <Possible follow-ups>
- RE: Proxy 2.0 secure? Grigorof, Adrian (Jun 24)
- Re: Proxy 2.0 secure? Gillian Steele (Jun 24)
- Re: Proxy 2.0 secure? tqbf (Jun 25)
- Re: Proxy 2.0 secure? Vanja Hrustic (Jun 25)
- Re: Proxy 2.0 secure? Kjell Wooding (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Ted Doty (Jun 25)
- Re: Proxy 2.0 secure? Mark Horn [ Net Ops ] (Jun 25)
- RE: Proxy 2.0 secure? Vanja Hrustic (Jun 25)
- RE: Proxy 2.0 secure? ark (Jun 25)
- RE: Proxy 2.0 secure? Stout, Bill (Jun 25)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Vanja Hrustic (Jun 26)
- Re: Proxy 2.0 secure? Brian Steele (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Kjell Wooding (Jun 26)