On Tuesday 28 October 2003 13:09, Gary E. Miller wrote: > > "Better Security - The PIX operating environment is a single system that > > was designed with functionality and security mind. Because there is > > no separation between the operating system and the firewall application, > > Just do a "strings" on the PIX binary and see all the open source > software they stole for PIX....
Agreed, and regardless of where the src came from, why on earth would anyone think that removing the separation between the operating system and the firewall inherently make the firewall more secure? A weak design or flawed implementation will still result in vulnerabilities. A buffer overflow by any other name dumps core (or worse) just the same. Cheers, Ken van Wyk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
