First of all, launching insults against Marcus is no way to win friends and
influence people, especially those have been frequent posters on the
list. I actually have quite a bit of respect for Mr Marcus Ranum. NFR has
a lot more potential than a majority of the rudimentary IDS systems
available today. If it was not Mr. Marcus Ranum, ICSA probably would not
have developed the criteria for ICSA Firewall certification, etc, etc. So
please refrain from posting your opinions to a very large mailing list.
Avoid being slanderous due to the fact, that your post can have character
and business ramifications..
/m
At 12:23 PM 8/3/00 -0700, Loki wrote:
>Ok, this is going to cause a lot of flames, but I really don't care.. :)
>I attended Defcon and Mr. Marcus Ranum made a complete ass out of himself by
>insulting close to 75% of his customer base with his choice for discussion...
>so I would also not be surprised if their will be an influx of postings to
>BUGTRAQ concerning new NFR vulnerabilities aimed exactly for that reason.
>
>On a more "unpersonal" note, NFR in my oppinion bites the big one.. That
>may be
>a biased opinion due to my heavy involvement and support in the SNORT IDS..
>but.. hey.. I did get to play with it and noticed a lot of problems and issues
>with it.. that also may be due to the fact it that it was an eval.. oh well..
>
>(worthless rant) I'll call this one my, negative (-).02 cents
>
>
>
>On Thu, 03 Aug 2000, Aaron Schultz wrote:
> > I wouldn't promote NFR...
> >
> > They can't monitor much bandwidth...(ie: 100+Mbit)
> > When I asked about monitoring any amount of bandwidth they sent me to
> > voicemail and I wasn't called back until the sales associate decided it
> > was time to check to see if I had received answers to my various
> > questions. Furthermore, they claim the only way to monitor a decent
> > amount of bandwidth is to put multiple NFR devices behind a foundry (or
> > similar) switch, although they don't have true answers on how the machines
> > coordinate their data when used seperately like this.
> >
> > NFR also lists only DESKTOP devices (ie: Compaq PCs) on their literature,
> > not 1 piece of hardware listed was a decent server platform.
> >
> > I never made it to their evaluation of their product - I find their
> > pre-sales support to be less than adequate. Currently the best answers
> > for IDS (IMO) are:
> > - Internet Security System's products
> > - Axent's (now Norton's) product line
> > (both have Windows agents)
> >
> > - Aaron Schultz
> > - [EMAIL PROTECTED]
> > ------
> >
> > On Thu, 3 Aug 2000, Fabio Pietrosanti wrote:
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Network Flight Recorder, run only on Unix, but it's the BEST and the most
> > > difficult to tune in my opinion. It use his N-Code for creating the
> > > Backend filter.
> > > look here http://www.nfr.net
> > >
> > > Pietrosanti Fabio I.NET SpA, High Quality Access to the
> Internet
> > > e-mail: [EMAIL PROTECTED] ( Direzione Tecnica, Gruppo
> Firewall )
> > > [EMAIL PROTECTED]
> > > PGP Key
> (DSS) http://naif.itapac.net/naif.asc
> > >
> > > Home Page URL: http://www.inet.it
> > > Sede: Via Caldera, 21 20153 Milano
> > > Tel: 02-409061 Fax: 02-40906303
> > > --
> > > Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS
> > >
> > >
> > > On Thu, 3 Aug 2000, Rob Serfozo wrote:
> > >
> > > > We are investigating the installation of Intrusion Detection software.
> > > > Wondering if the list had any opinions good or bad towards any
> product. We
> > > > are hoping to be able to run on a Windows platform. We are
> currently using
> > > > a PIX firewall.
> > > >
> > > > Thanks,
> > > > Rob Serfozo
> > > >
> > > > -
> > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > > "unsubscribe firewalls" in the body of the message.]
> > > >
> > > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.0.1 (GNU/Linux)
> > > Comment: For info see http://www.gnupg.org
> > > Filter: gpg4pine 4.1 (http://azzie.robotics.net)
> > >
> > > iD8DBQE5iZc8dK5I1NnlcMYRArVIAJwLOjB3xWV8dJL8HcC2GN7JnvWBBwCgnN2v
> > > f/8+3RNhPbhLeFLQ7/hRqzY=
> > > =eoJG
> > > -----END PGP SIGNATURE-----
> > >
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> > >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>--
>----------------------------------------------------------------------
>Loki [LoA]
>[EMAIL PROTECTED]
>----------------------------------------------------------------------
>PGP Key fingerprint = 67 1D 12 BE 61 D6 63 B2 6A 8C F8 A1 80 88 1B 4
>[[EMAIL PROTECTED]]# ./crack /etc/passwd > passwd.cr
>[[EMAIL PROTECTED]]# su - root
>[[EMAIL PROTECTED]]#
>----------------------------------------------------------------------
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
