Actually, it was not really a remote compromise but an oversight in QA,
such that when the pieces were integrated, the Gauntlet firewall was
then vulnerable.
None of the firewall products available today are without their pluses and
minuses, and some caveats. It is really how an organization designs their
underlying security architecture.
The chink in one's armor is always the weakest link..
In most cases, it is not the firewall that fails but some loose nutball
that just recently left but before he resigned he wrote some SNMP network
discovery application that had some embedded code in it that basically when
he feels like it could make over 100,000 network devices blink on and off like
a Christmas tree, and the only way to reset the devices is to reload to
factory configs via serial cable.. :) But I don't know anybody that
malicious, but it is a possibility.. :)
/cheers
/m
At 07:35 PM 8/31/00 +0200, mouss wrote:
>At 11:27 31/08/00 -0500, Ron DuFresne wrote:
>
>>Ahh, but Gauntlet was hit a few months back with a remote compromise was
>>it not?
>
>let me cite my "guilty" sentence:
>
>"if the event shows that FW1 is vulnerable, then my recommendation
>is to switch to another product, such as the Gauntlet (I don't work for NAI,
>it simply happens that I know this one better than others)."
>
>so, that's an "if ... then..." used to present an alternative to the proposed
>"if FW1 is bad, then all are bad".
>
>
>
>regards,
>mouss
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]