Ok, this is going to cause a lot of flames, but I really don't care.. :)
I attended Defcon and Mr. Marcus Ranum made a complete ass out of himself by
insulting close to 75% of his customer base with his choice for discussion...
so I would also not be surprised if their will be an influx of postings to
BUGTRAQ concerning new NFR vulnerabilities aimed exactly for that reason.
On a more "unpersonal" note, NFR in my oppinion bites the big one.. That may be
a biased opinion due to my heavy involvement and support in the SNORT IDS..
but.. hey.. I did get to play with it and noticed a lot of problems and issues
with it.. that also may be due to the fact it that it was an eval.. oh well..
(worthless rant) I'll call this one my, negative (-).02 cents
On Thu, 03 Aug 2000, Aaron Schultz wrote:
> I wouldn't promote NFR...
>
> They can't monitor much bandwidth...(ie: 100+Mbit)
> When I asked about monitoring any amount of bandwidth they sent me to
> voicemail and I wasn't called back until the sales associate decided it
> was time to check to see if I had received answers to my various
> questions. Furthermore, they claim the only way to monitor a decent
> amount of bandwidth is to put multiple NFR devices behind a foundry (or
> similar) switch, although they don't have true answers on how the machines
> coordinate their data when used seperately like this.
>
> NFR also lists only DESKTOP devices (ie: Compaq PCs) on their literature,
> not 1 piece of hardware listed was a decent server platform.
>
> I never made it to their evaluation of their product - I find their
> pre-sales support to be less than adequate. Currently the best answers
> for IDS (IMO) are:
> - Internet Security System's products
> - Axent's (now Norton's) product line
> (both have Windows agents)
>
> - Aaron Schultz
> - [EMAIL PROTECTED]
> ------
>
> On Thu, 3 Aug 2000, Fabio Pietrosanti wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Network Flight Recorder, run only on Unix, but it's the BEST and the most
> > difficult to tune in my opinion. It use his N-Code for creating the
> > Backend filter.
> > look here http://www.nfr.net
> >
> > Pietrosanti Fabio I.NET SpA, High Quality Access to the Internet
> > e-mail: [EMAIL PROTECTED] ( Direzione Tecnica, Gruppo Firewall )
> > [EMAIL PROTECTED]
> > PGP Key (DSS) http://naif.itapac.net/naif.asc
> >
> > Home Page URL: http://www.inet.it
> > Sede: Via Caldera, 21 20153 Milano
> > Tel: 02-409061 Fax: 02-40906303
> > --
> > Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS
> >
> >
> > On Thu, 3 Aug 2000, Rob Serfozo wrote:
> >
> > > We are investigating the installation of Intrusion Detection software.
> > > Wondering if the list had any opinions good or bad towards any product. We
> > > are hoping to be able to run on a Windows platform. We are currently using
> > > a PIX firewall.
> > >
> > > Thanks,
> > > Rob Serfozo
> > >
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> > >
> > >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.0.1 (GNU/Linux)
> > Comment: For info see http://www.gnupg.org
> > Filter: gpg4pine 4.1 (http://azzie.robotics.net)
> >
> > iD8DBQE5iZc8dK5I1NnlcMYRArVIAJwLOjB3xWV8dJL8HcC2GN7JnvWBBwCgnN2v
> > f/8+3RNhPbhLeFLQ7/hRqzY=
> > =eoJG
> > -----END PGP SIGNATURE-----
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
--
----------------------------------------------------------------------
Loki [LoA]
[EMAIL PROTECTED]
----------------------------------------------------------------------
PGP Key fingerprint = 67 1D 12 BE 61 D6 63 B2 6A 8C F8 A1 80 88 1B 4
[[EMAIL PROTECTED]]# ./crack /etc/passwd > passwd.cr
[[EMAIL PROTECTED]]# su - root
[[EMAIL PROTECTED]]#
----------------------------------------------------------------------
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
