Vulnerability Development mailing list archives
Re: Information on Raptor
From: malikai () INTERACTIVEALIEN COM (Malikai)
Date: Mon, 21 Feb 2000 09:55:18 -0600
below are the issues I have with this product. I have just recently taken the NetGuard and NetMaster courses with Axent for a client of mine. I had a few big issues personally, however I am not sure if they are really issues, or if I was miscommunicated to during the class. I will start off with what I know are issues, and then continue with what I believe are. None of this is certain, except for the performance ones, which are common to all application gateways. 1. Performance This is an application gateway, which is slower than (allmost) any packet filtering system. 2. DNSD Apparently this is a full function DNS server capable of handling all standard dns functionality. This also wants to be your primary dns server. (Your firewall is your dns server too?!) What about dns cache poisoning? 3. VPN logging I can't really believe this one and hope there is some form of workaround for it however, this is what I understood. This is the default configuration. There is no logging of VPN/tunneled traffic. This means there is no way to audit any vpn traffic, or store logs of anything going through the vpn layer of the proxy. Blindfolded? A summary of what I understand is fairly simple here. Application gateways (when not single application gateways, like http proxies), are very complex, slow, and fail to keep it simple. This is a firewall we are talking about here, and why should internal (or even worse, external) clients be talking directly to the firewall? I don't mind tools like the MimeSweeper, or any specific function proxies. However, when we shove it all into one box, we just slowed down and decresed by a magnitude the security of the gateway. -Malikai On Sun, 20 Feb 2000, Martin M Samson wrote:
Good day to all, This is my first posting to this list. We own a Raptor Firewall for NT Integrated Entreprise Network. The version is 6.0. We've been told (by consultants) that this type of firewall has many flaws. Where could we find a complete list of points to investigate on the vulnerability of our firewall? Positive/negative feedback on the product is also welcome... We will need to buy a second firewall to reorganize our security this year, what is (in your opinion) the best machine? Please reply to : Martin.Samson () visa desjardins com Merci, Thanks! Mart! --------- Bonne journée! / Have a nice day! Pensée de la semaine : En apparence, la vie n'a aucun sens, et pourtant, il est impossible qu'il n'y en ait pas un! (Albert Einstein) ***************** Martin M Samson Consultant, Gestion de projets. 514-994-2243 http://pages.infinit.net/cci
Current thread:
- Information on Raptor Martin M Samson (Feb 20)
- Re: Information on Raptor Yiorgos Adamopoulos (Feb 21)
- (Fwd) Re: vulnerability database Felix Harris (Feb 21)
- Re: Information on Raptor Malikai (Feb 21)
- Re: Information on Raptor James Crooks (Feb 22)
- Re: Information on Raptor Malikai (Feb 23)
- Consulting lameness, RE: Information on Raptor Ben Grubin (Feb 23)
- Single SignOn Vanna P. Rella (Feb 23)
- Re: Single SignOn Simple Nomad (Feb 24)
- Re: Information on Raptor James Crooks (Feb 22)
- office 2k security bug? Torgeir Hansen (Feb 22)
- R: office 2k security bug? Raistlin (Feb 23)
- Fwd: ANNOUNCEMENT: Lighting Firewall for Linux released Grzegorz Stelmaszek (Feb 23)
- Re: Information on Raptor James Crooks (Feb 21)
- Re: Information on Raptor David J Laumann (Feb 21)