Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Your opinions ... more info
From: "van der Kooij, Hugo" <Hugo.van.der.Kooij () CAIW NL>
Date: Tue, 31 Oct 2000 20:19:22 +0100

On Tue, 31 Oct 2000, Jim Miller wrote:

A penetration test was run on the firewall and it was reported that 3 ports were left open.  I was privy only to the 
summary report, and was told that the open ports were really not a problem, as "they only appeared to an outsider to 
be open.  They were truly secured.".  After learning more, I found a respected source who agreed that open is open.  
The point being that this certificate schema is only as strong as the firewall.  It's a Cisco PIX Firewall Router, 
and I'm told not to worry, "It's an industry standard.".  What is your opinion?

I'm not conviced that PIX is an industry standard at all. (But I admit I'm
not fully objective.)

As far as I could tell from some personal tests the PIX product isn't easy
to operate. I personaly work with FireWall-1 but have tested some other
firewalls as well but the combination of ease-of-use and security wasn't
matched yet by any other product.

But I think the whole discussion is rather hypothetical. It seems some
people made up their mind and decided you can trust Bill because he has a
lot of money so he must be right.


Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ  Maasland
hvdkooij () caiw nl     http://home.kabelfoon.nl/~hvdkooij/
Quoting this tagline is illegal! (http://www.dtcc.edu/cs/rfc1855.html)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]