Firewall Wizards mailing list archives
Re: FW appliance comparison - Seeking input for the forum
From: ArkanoiD <ark () eltex net>
Date: Wed, 25 Jan 2006 19:18:30 +0300
nuqneH, Though i think people who buy Checkpoint stuff are somehow non-representative (i think if one tried that with, say, Cyberguard, we'd see completely different picture) the results are still scary. Damn scary. That means 80% firewalls could be thrown off with no further harm to security. On Wed, Jan 25, 2006 at 05:32:49PM +0200, Avishai Wool wrote:
Paul didn't say where he got that tidbit from (and 87.3% of all statistics are made up anyway :-) but if you want some hard numbers to back up the spirit of his claim, you can check out: A. Wool. A quantitative study of firewall configuration errors. IEEE Computer, 37(6):62-67, 2004. http://www.eng.tau.ac.il/~yash/computer2004.pdf Cheers Avishai -- Avishai Wool, Ph.D., Chief Technical Officer, Algorithmic Security Inc. http://www.algosec.com **** Want to audit or debug your firewall's policy? *** [snip]Here's a little tidbit that's about 4 years old now, but ponder it and ask yourself if the IDS is where people *should* be spending their time: Approximately 74% of firewalls are either misconfigured or not configured to block attacks they're capable of blocking in normal operation. Paul-----------------------------------------------------------------------------Paul D. Robertson "My statements in this message are personalopinionspaul () compuwar net which may have no basis whatsoever in fact." http://fora.compuwar.net Infosec discussion boards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: RE: IDS (was: FW appliance comparison), (continued)
- Re: RE: IDS (was: FW appliance comparison) Paul D. Robertson (Jan 25)
- Re: RE: IDS (was: FW appliance comparison) Marcus J. Ranum (Jan 25)
- Re: RE: IDS (was: FW appliance comparison) Paul D. Robertson (Jan 25)
- Re: RE: IDS (was: FW appliance comparison) Brian Loe (Jan 25)
- Message not available
- Re: RE: IDS (was: FW appliance comparison) Marcus J. Ranum (Jan 27)
- Message not available
- Re: RE: IDS (was: FW appliance comparison) Brian Loe (Jan 26)
- Re: FW appliance comparison - Seeking input for the forum Devdas Bhagat (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum Christine Kronberg (Jan 24)
- Message not available
- Re: FW appliance comparison - Seeking input for the forum Avishai Wool (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum Paul D. Robertson (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum ArkanoiD (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum Avishai Wool (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum ArkanoiD (Jan 25)
- Re: FW appliance comparison - Seeking input for the forum Patrick M. Hausen (Jan 27)
- RE: FW appliance comparison - Seeking input for the forum lordchariot (Jan 27)
- Re: FW appliance comparison - Seeking input for the forum Anton Chuvakin (Jan 27)
- Re: FW appliance comparison - Seeking input for the forum Paul D. Robertson (Jan 20)
- Re: FW appliance comparison - Seeking input for the forum Greg Spath (Jan 20)
- Re: FW appliance comparison - Seeking input for the forum Patrick M. Hausen (Jan 18)
- Re: FW appliance comparison - Seeking input for the forum Marcus J. Ranum (Jan 18)
- Re: FW appliance comparison - Seeking input for the forum Marcus J. Ranum (Jan 18)