Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: SANS Top Ten and Commercial Firewalls

Re: SANS Top Ten and Commercial Firewalls

From: Paul D. Robertson <proberts_at_patriot.net>
Date: Thu, 3 Oct 2002 11:34:37 -0400 (EDT)

On Thu, 3 Oct 2002, Anton A. Chuvakin wrote:

> >proftpd, vsftpd, pureftpd
> >...
> >Postfix/Qmail
> >...
>
> Is there any evidence that helps decide whether its more secure because
> its written better or because its used less?

(A) Project history- Postfix and Qmail have held up well, proftpd erm,
hasn't. I haven't followed the other two, since FTP is on my list of "Horribly
broken protocols I'll never support."

(B) Look at the code.

(C) Developer history.

(D) Developer's understanding of the protocol and its weaknesses.

It's worth factoring in frequency of attack as well as tool prevalence.

HTH,

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts_at_patriot.net which may have no basis whatsoever in fact."
probertson_at_trusecure.com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Oct 03 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]