> the questions raised were: why would someone use an insecure > firewall?
(1) "[A]n insecure firewall" strikes me as an attempt to beg the question. Security is not a boolean. All firewalls are insecure; all _code_ is insecure. The only question is, how insecure, and against what threats. (Rule of thumb: anyone who calls something "secure" or "insecure" without giving any indication of the threat model in question either doesn't understand security or hopes you don't; neither alternative is good. It's not universally applicable - here, for example, I suspect you were just being a bit over-brief - but it's been remarkably useful to me.) (2) To answer the question, leaving aside the question-begging attempt: because the code does something they want done. (Surely you could have come up with that much on your own.) If, for example, I wanted a firewall with an FTP proxy, I might well decide that that is important enough to me to be willing to tolerate whatever flaws PF may have. Code that mostly does what I want, even if it has some flaws, is often preferable to code that lacks the flaws but also doesn't actually do what I want done. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML [email protected] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
