Title: RE: Firebox/SonicWall/Netscreen
Does anyone know of
a clean way to allow multiple Cisco VPN clients to connect to a Pix from behind
a firewall running IP Masquerade (or any other PAT device for that
matter).
My general research
shows this to be a known issue but, I have been unable
Hello folks
I'd like to know which firewall / vpn to choose between netscreen 25 and
sidewinder 5.2 ? it must be easy to configure , vpn compliant and secure
enough
Thanks for your answers
GV
___
Firewalls mailing list
[EMAIL PROTECTED]
Never heard of sidewinder. Netscreens all the way.
Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
Who's watching your network?
www.clarksupport.com
301-610-9584 voice
240-465-0323 Efax
The data furnished in connection with this document is deemed by Clark
Systems
hello steve
sidewinder is a product from secure computing , it has never been broken by
anyone (sic) !! It's the firewall of NSA , Boeing etc.
bst rgds
-Message d'origine-
De : Clark, Steve [mailto:[EMAIL PROTECTED]]
Envoyé : lun. 25 février 2002 15:59
À : '[EMAIL
Are you trying to sell or decide between the 2? I think if you are trying to
decide between the 2 - you will find a lot of people who have or have had
Netscreens that are very happy.
Ironic as every time I use another vendors products - I complain as the
interfaces are poor, the help files are
lol steve , just have to decide :-)
-Message d'origine-
De : Clark, Steve [mailto:[EMAIL PROTECTED]]
Envoyé : lun. 25 février 2002 16:09
À : '[EMAIL PROTECTED]'
Objet : RE: choice netscreen / sidewinder
Are you trying to sell or decide between the 2? I think if you are trying to
decide
Secure Systems (maker of SideWinder) also bought the Gauntlet proxy
firewall and VPN technology from NAI and are incorporating the two
products.
http://www.nai.com/naicommon/aboutnai/press/pr_template.asp?PR=/PressMedia/
02132002-B.aspSel=1219
-Gary
On Monday, February 25, 2002, at 06:59
I have always been very satisfied with the Sidewinder. I feel the
exact opposite way Steve does. I look at other firewalls and wonder why
they cannot do stuff the way Sidewinder does. Write up a list of what you
need your firewall to do and compare it to what the Sidewinder and
Netscreen
Gary,
#Secure Systems (maker of SideWinder) also bought the Gauntlet proxy
#firewall and VPN technology from NAI and are incorporating the two
#products.
Actually the company name is Secure Computing (www.securecomputing.com).
They have been in the security business for a long time.
Jeffery, I stand corrected in my nomenclature.
Thanks for the clarification my compadre.
-Gary
On Monday, February 25, 2002, at 08:25 AM,
[EMAIL PROTECTED] wrote:
Gary,
#Secure Systems (maker of SideWinder) also bought the Gauntlet proxy
#firewall and VPN technology from NAI and are
[EMAIL PROTECTED] wrote:
I am stuck with a request from a client. A FreeBSD box, with 3 nic's
How to effectively BLOCK every packet from dmz to internal lan?? :o(
maybe something like this:
block out on lan interface from 192.168.10.0/24 to 192.168.1.0/24
thanks. Unfortunately, 22
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, February 25, 2002 12:40 PM
To: [EMAIL PROTECTED]
Subject: Firewalls digest, Vol 1 #557 - 3 msgs
Send Firewalls mailing list submissions to
[EMAIL PROTECTED]
To subscribe or unsubscribe via the
Hi,
How to effectively BLOCK every packet from dmz to internal lan?? :o(
use FreeBSD's native ipfw facility instead of ipfilters. then it's a piece of
cake:
#--
ipfw add rulenumber unreach filter-prohib all from any to any \
out recv interface_dmz xmit interface_internal
Title: RE: choice netscreen / sidewinder
Yes...supposedly that is true. BUT...and I say BUT, is it the ONLY firewall of the NSA and Boeing? I surely say no, because we have CyberGuard, whom we just started supporting, and they are claiming they exclusively own the government [NSA] contract
Title: RE: choice netscreen / sidewinder
*cringe*.and we all know what a great product Gauntlet was(sorry, had to chime in)
|
Ralph M. Los
Sr. Security Consultant and Trainer
EnterEdge Technology, L.L.C.
[EMAIL PROTECTED]
(770) 955-9899
Hello,
Since Sunday night our firewall is showing following logs:
IP packet dropped (212.107.15.161-208.38.37.234: Protocol=TCP[ACK] Port
19352-25): Bad IP Fragment Offset: 0x2000 (received on interface
208.38.37.234)
We do allow SMTP traffic on the firewall. The ports from are different.
What
Paul,
Port 25 is the server port for smtp. the other is the client port
(19352).
IP allows fragmentation into pieces so small as to be impractical
because of overhead.
Somtimes, attackers can exploit typical filter behavior and the
ability to create peculiar
Trust me on this one, the major intelligence and security agencies have
firewalls from a number of vendors. Cisco has deployed PIXen in nearly
all of them, so I can say with complete confidence that Cyberguard's
claims re:NSA are marketing fluff (Gee, is that a surprise to anyone?
Sales people
Title: RE: choice netscreen / sidewinder
RALPH,
You are probably right about these guyz having more
than 1 fwall, BUT its also still true that
THE SIDEWINDER IS THE DEFACTO USAF
FWALL...besides no one ever mentioned what
tool
the nsa uses..
anyway, ralphie old boywhat fwall do YOU
Don't remind me about the GREAT GAUNTLET program.
--- Ralph Los [EMAIL PROTECTED] wrote:
*cringe*.and we all know what a great product
Gauntlet was(sorry,
had to chime in)
|
Ralph M. Los
Sr. Security Consultant and Trainer
Hi,
Does anyone know of any security vulnerablilities with Novell's iFolder
software?
Aside from the risks involved with opening a port through the firewall, are
there any additional risks with
allowing the iFolder service?
Thanks in advance,
Greg
Bruno Fernandes wrote:
Hi again !!!
Please post your ipf.rules and ipnat.rules to see if i can figure
what's appening !!!
Regards
BF
here it is, friend. The proposed block rules is between '#', 14th till
16th line below:
block in quick on rl0 from 192.168.0.0/24 to any
block in
well after almost a week of playing phone tag with
netscreen support I'm going ask here, because i still
don't have any answer. Using a netscreen 10 is there
any way to setup a mip on the dmz? To the rest of the
world this means a static nat (netscreen must have
asked the linux folks for some
Does anyone is having any links/documents for the netware 5.0 hardening.
Any suggestions will be appreciable
Thanks and regds
vish
Get your free email from http://www.netjaal.com
24 matches
Mail list logo
