Guys/Gals, I've been swamped with emails asking on how to build a "Franken" Pix firewall. All I can say is that "anyone" with a little brain can figure out how to build a "franken" pix firewall. If you don't believe me, do a "show version" on a Pix 520 and all the informations are there for you to build a "franken" pix firewall with PC parts. I am NOT going to help anyone on how to build a "franken" pix firewall because these information is already available in the public domain. I guess I don't want to get into trouble with Cisco for selling the Flash card. Therefore, I am going to keep these "franken" pix firewalls for my personal use. I am going to use it for my home firewall. I have to say without these "franken" pix firewall, I wouldn't be able to get a 100k/year job as a security engineer. I just recently graduated with a Master degree from a University but no one would hire me because I don't have much experiences in the security areas. Therefore, the only that I can prove myself to the employers is to show them that I can build a "franken" pix firewall with PC parts. After several interviews, I was hired by a IT security service firm because they figure if someone is dedicated to build a "franken" pix firewall to learn, that person must do it because he/she loves it and not doing it for the money. Anyway, I always recommend Pix firewalls as a "first line of defense" for customers because Pix products lines has faster processor and more memory than a Cisco router. By the way, one of my "franken" pix firewalls is running on a PIII850MHz with 512MB of RAM. That's equivalent to almost a PIX535 (PIII 1GHz and 1GB of RAM). I don't need a box to be that powerful but it can be done..... I think this is both benefical to both myself and to Cisco because I get more familiar with the Pix product lines and Cisco can sell more ot its gear. Again, all the information you need is in "show version". Patrick Andrew Benhase wrote:Guys- I really love this thread, it crops up every few weeks or so, and I'm sure to copy the PIX team on the really funny ones. I can say that most people (besides Corporate Counsel) find this thread very, very amusing. And many consider it quite a compliment that hard core security folks here on this list are that intent on using the PIX OS. Keep up the interest levels...
Does it break the license and does Cisco have domain over what you do with our code? Clearly yes. Is Cisco going to come pound down your door and have the local authorities remove your Franken-PIX from your home lab. Seems very unlikely. While I'm not condoning illegal activities with respect to Cisco, I can say that large scale operations will only insure tighter security restrictions in the future to counteract this type of scenario. If you're doing something you shouldn't be doing, keep it to yourself- and for Gods' sake don't email a very public alias about what you're up to... -Andrew Andrew Benhase .. .. Phone: 321-235-8026 Federal Operations || || Cell: 321-427-1584 Consulting SE || || Pager: 800-365-4578 12000 Research Pkwy |||| |||| E-Mail:[EMAIL PROTECTED] Orlando, FL 32826 .:||||||:..:||||||:. web: http://www.cisco.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Scott Morris Sent: Friday, August 09, 2002 10:18 PM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco "Franken" Pix Firewall This is why McDonald's builds in the self-destructing bacteria in case you choose to use your burger for a paperweight. Not only will it exude grease 'n' stuff all over your papers, but will become quite ripe in short order. Cisco hasn't quite figured out how to put those protections in their equipment yet! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 12:22 PM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco "Franken" Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of "intention and design". When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...............Richard -----Original Message----- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco "Franken" Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that "performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell", then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco "Franken" Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool "Franken PIX" that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my "Franken Benz"? Party on........................Richard -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco "Franken" Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of "clone" pix firewalls so that I can get "hand-on" experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two "clone" pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these "clone" pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have "at least" three interfaces so that you can mimic a real production environment and frankly these "clone" pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just "inside" and "outside" interfaces. --------------------------------- Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __________________________________________________________________ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY __________________________________________________________________ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY __________________________________________________________________ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY __________________________________________________________________ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY --------------------------------- Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51391&t=51391 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
