On Tue, 1 Aug 2000, Robert Stanley wrote:

> are all software, are all written by people and people make mistakes. If a
> system administrator or company isn't willing to accept the implications, or
> take responsibility to update and maintain, then they have only themselves
> to blame. In response to your comment regarding PIX I believe that both PIX

The current legal climate says they only have themselves to blame, but
surely there should be some vendor culpability if in nothing more than a
good faith effort to produce good security software? (and I'm not
intimating that Checkpoint hasn't here.)  Obviously, since there are
fixes, something was broken, no?

Expecting novice administrators to take full liability for things they
don't understand that don't affect their already overworked existences
seems self-defeating if you're selling a firewall product to me.

> and FW-1 suffer the frag DOS attack. If I had the time...and I don't, I
> would test every commercially available FW application for similar issues.
> Someone with a PIX posted this issue on this list:

[Snip a post I responded to directly a couple days ago]

> 
> Humm, sounds like the same thing Checkpoint said about FW-1 getting
> overloaded by this traffic pattern a month or two ago. ;)

Which *isn't* one of the vulnerabilities covered in the BlackHat
briefings.

The original comment, my reply and all the follow-ups were about the
BlackHat briefing, and you said:

"These attacks affect other stateful firewalls as well (PIX)."

Please note that at no time was a frag attack mentioned in the briefing,
it's not in the slides, and other than a side conversation between me and
one of the Nokia folks, I don't recall it in any of the presentations I
attended.

You pluralized both "attacks" and "firewalls," and while I've never even
installed a PIX, and have no interest in defending it, I'd still like to
see the basis of such an assertion.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
[EMAIL PROTECTED]      which may have no basis whatsoever in fact."
                                                                     PSB#9280

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
