Antony, Well, yes and no..
Truesecure is a "Big" for profit "brown" stamp, that Ignorant Management types like to see. This allows them to label themselves as IS professionals without even having a clue.. Basically what happens is you pay these guys money and they give your product the All holy blessing. Fact is, most of the products they stamp are based on some sort of Linux/bsd ditribution with something very similar to netfiltering if not actually netfiltering.. Most likely some greedy slim ball decided to package up some open source stuff and is now trying to cash in, maybe change a little code here and there. Of course, Nobody is going to admit to steeling someone else's free/volunteered/donated/sacrificed intellect to make money.. So noone replied with any information reguarding the ICSA status of linux/bsd-netfilter.. Here is what I did.. I got a copy of icsa testing criteria and said "yes we can meet or exceed these standards".. To prove it, I made up my own big "Gold" stamps and stuck them on all my Boxes.. I used Gold cuz its shiny.. Now all is well in Happy-vill.. People have been hacking at iptables/ipchains for a long time and they've been holding there own. In my book, thats the standard that all others must follow. If your people still need more to feel warm and fuzzy, I do have more Gold stamps I can sell them.. There Shiny.. Look here to see what they test for.. http://www.icsalabs.com/html/communities/firewalls/certification/criteria/cr iteria_4.0.shtml It all comes down to configuration, and common sense.. Even the best Code will crash without a good Admin to support it. Sorry I wasn't much Help Good Luck Chris N. >>-----Original Message----- >>From: Antony Stone [mailto:[EMAIL PROTECTED]] >>Sent: Tuesday, March 26, 2002 6:03 PM >>To: Christopher C. Northrop >>Subject: Re: Can Netfilter, is it ICSA Certified? >> >> >>On Tuesday 26 February 2002 1:39 pm, Christopher C. Northrop wrote: >> >>> Group, >>> >>> How can you Certify something like Netfilter? It all comes >>down to how well >>> the system was configured. >> >>Same as any other Firewall product, really...? >> >>> Please, if you can, provide information like "yeah I had my systems >>> certified and here is what I did" or "its a waste of your >>time, but this >>> other company has already certified Netfilter." >> >>Did you get any useful / sensible response to this, Chris ? >>I'm interested >>because I've used IPchains/IPtables/Netfilter for ages, and I >>think it's very >>good, but I have a problem when I come across people saying >>"we want a >>certified Firewall". Not necessarily ICSA certified >>(although I do know >>about ICSA Labs), but something that Netfilter hasn't got (as >>far as I know). >> >>So, if anyone came back to you and said "yes, we've got it >>certified" or >>maybe "we tried, but it couldn't get certification because >>of....." then I'd >>be interested to hear about it. >> >> >>Regards, >> >> >>Antony Stone. >>
