Whoops, I forgot something. Sorry to mess up the threading.
> Finally, if the event shows that FW1 is vulnerable, then my recommendation
> is o switch to another product, such as the Gauntlet (I don't work for NAI,
> it simpy happens that I know this one better than others).
Would you say that SINIX is more secure than Solaris? After all, I can
hardly remember any published vulnerability. *g* And this is exactly the
point that I have forgotten to make: Up to now probably not that many
whitehats have bothered to closely examine firewalls apart from
FireWall-1, since you hardly find any at customer sites. (Although I am
told such things exist. *g*) Same with DG/UX. So, at the moment, I would
recommend people to prefer FireWall-1 over Gauntlet _because_ the
vulnerabilites have been found and FireWall-1 now has _less_
vulnerabilites than before.
Just compare the whole thing to a bowl of salad that a group of people
is eating from. Once somebody finds a fly in it, everyone will stop
eating from the bowl. Although now the fly is gone and there are now
less flies in the bowl. And after all, each and every bowl of salad on
this earth may potentially contain flies. Heh, human behaviour is quite
irrational. :-)
Thanks
-Thomas
--
Thomas Lopatic, TUeV data protect GmbH, [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
