I agree with Ben, as I have said before, this is something that some other 
company is doing with emailing security alerts after they are first 
enhanced by headers and footers.  Same theory, no value add.  Even if one 
were to get VC funding for this idea, it would be a hard sell to customers, 
especially after they spent x number of dollars on some high-priced 
consultants and retainer fees for those indispensable security staff they 
have on hand.. :)

/m

At 09:40 AM 10/18/00 +0930, Ben Nagy wrote:
>I'm sure that I've already seen work done in this field...
>
>IMHO the best (easiest to read) product specific descriptor format I have
>seen is in IPFilter. I would suggest it as a model, at least.
>
>The trouble is that you will run into problems - the set of functions in the
>descriptor language will probably be larger than that in the simplest
>firewall. Example - there's no stateful filtering in ipchains, you can't
>block frags in IOS ACLs (Uh, until recently) etc. Assuming you can get past
>that I suppose you could hack together a ruleset translator.
>
>Personally, (as if anyone wanted my opinion ;), I think that a public
>firewall review site would not be useful. The main trouble with it is that
>popular != good in many cases. Review sites are great for sorting out
>popular <=> unpopular, but of limited use after that. I know that I don't
>feel qualified to objectively say "this firewall is better suited to this
>security profile than that one" - at least without weeks of testing work -
>and, frankly, I don't think that there are many people I'd trust to make
>those judgements. Note that "The Internet" is NOT one of those people.
>
>Not to mention the fact that I can pick two firewalls and then pick two
>types of network such that I wouldn't touch firewall B for network A, nor
>firewall A for network B. IOW you can't rate firewalls by stars. 8)
>
>But go ahead - maybe you'll get VC based on advertising revenue, hoist a
>.com startup and make so much money I'll be crying into my beer by
>Christmas.
>
>Cheers,
>
>--
>Ben Nagy
>Network Consultant, Volante Solutions
>PGP Key ID: 0x1A86E304  Mobile: +61 414 411 520
>
> > -----Original Message-----
> > From: Michael T. Babcock [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, 18 October 2000 4:32 AM
> > To: Michael E. Cummins
> > Cc: [EMAIL PROTECTED]; HAL ROTTENBERG (HP-USA,ex1) (E-mail);
> > Mandy Andress (E-mail); Vincent de Lau (E-mail); 'William Bartholomew'
> > (E-mail); 'Mike Forrester'
> > Subject: Re: Firewall Rules Database / FirewallReviews.COM proposal
> >
> >
> > "Michael E. Cummins" wrote:
> >
> > > What I need, as a developer and not a firewalls expert, is a list of field
> > > names that we could use to create a sort of "master table" to describe the
> > > firewall rules.  I would also need descriptions on how to sort this
> > > information.
> >
> > As another developer, I've always wanted to sit down and make a generic C-like
> > configuration system for firewalls that could then be parsed into whatever
> > output is needed (like an ipchains or Cisco IOS series of commands).
> >

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
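
Added example, not part of the original thread or any poster's code: a translator from a generic rule record to ipchains and Cisco IOS extended-ACL lines that refuses a rule when the target cannot express one of its conditions, which is the mismatch the quoted message raises. The Rule fields, the UNSUPPORTED table (ipchains/stateful and IOS/fragments follow the post; treating a plain IOS extended ACL as stateless is this example's assumption), the "input" chain and ACL number 101 are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:                       # hypothetical generic descriptor
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp", ...
    src: str                      # CIDR or "any"
    dst: str
    dport: Optional[int] = None
    stateful: bool = False        # needs connection tracking
    fragments: bool = False       # match non-first fragments only

# Features each backend cannot express. ipchains/stateful and IOS/fragments
# come from the quoted post; IOS/stateful is this example's assumption.
UNSUPPORTED = {"ipchains": {"stateful"}, "ios-acl": {"stateful", "fragments"}}

class Untranslatable(Exception):
    pass

def _ios_addr(addr: str) -> str:
    if addr == "any":
        return "any"
    net = ip_network(addr)
    return f"{net.network_address} {net.hostmask}"   # IOS uses wildcard masks

def translate(rule: Rule, backend: str, acl: int = 101) -> str:
    wanted = {f for f in ("stateful", "fragments") if getattr(rule, f)}
    missing = wanted & UNSUPPORTED[backend]
    if missing:
        # Fail closed: silently dropping a condition would widen the policy.
        raise Untranslatable(f"{backend} cannot express: {', '.join(sorted(missing))}")
    if rule.fragments and rule.dport is not None:
        raise Untranslatable("non-first fragments carry no port to match")
    if backend == "ipchains":
        cidr = lambda a: "0.0.0.0/0" if a == "any" else a
        parts = ["ipchains", "-A", "input", "-p", rule.proto,
                 "-s", cidr(rule.src), "-d", cidr(rule.dst)]
        if rule.dport is not None:
            parts.append(str(rule.dport))
        if rule.fragments:
            parts.append("-f")
        parts += ["-j", {"permit": "ACCEPT", "deny": "DENY"}[rule.action]]
        return " ".join(parts)
    line = (f"access-list {acl} {rule.action} {rule.proto} "
            f"{_ios_addr(rule.src)} {_ios_addr(rule.dst)}")
    return line + (f" eq {rule.dport}" if rule.dport is not None else "")
```

The addresses in any rules fed to it should be your own; 192.0.2.0/24 is the documentation range and works for dry runs.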
