RE: IP filter - Fw1 comparison

[Johan Allard <johan () allard nu>]

On Mon, 29 Jan 2001, Hackett, James wrote:

> For security and not functionality Gauntlet from NAI, fully E3 certified 
>
> For functionality of services allowed and not security as much importance
> Checkpoint-1
>
> All of these systems under trusted  Solaris with OS stripped down to the
> basics in the installation.
>
> I would be looking at the new Linux Kernel 2.4 IP based firewall.
>
> Or Sunscreen EFS if as this uses Stateful inspection as well you can get the
> LITE version for free some-one  says you can unplumb the network card and
> make the LITE version run in steath mode. Having looked at that yet.
>
> The most popular Firewall to me seems to be the one that has the most bug
> updates "Fw-1", Gauntlet has a lot less updates maybe one fix a year or
> maybe two.
I have come across a survey on http://www.infosecuritymag.com were those
interrested could participated and Checkpoint, followed by Cisco, Raptor
and Gauntlet, were the most popular. Checkpoint had 32%, calculating the
first 7, cisco had 23%.

This is the best way I have seen so far to get information, the
problem now is to get people to fill out the survey.

I choose Firewall-1 because it is the market leader in commecial
firewalls and Darren Reeds IP-filter because I think it is the best
freeware packet filtering firewall.

//johan

> > -----Original Message-----
> > From:       Johan Allard [SMTP:johan () allard nu]
> > Sent:       27 January 2001 11:53
> > To: Chris Keladis
> > Cc: firewall-wizards () nfr com
> > Subject:    Re: [fw-wiz] IP filter - Fw1 comparison
> >
> > On Sat, 27 Jan 2001, Chris Keladis wrote:
> >
> > > > Since firewalls should be silent it shouldn't be possible to make
> > > > sites like http://www.netcraft.com/survey/ with automated tools for
> > > > calculating market share.
> > >
> > > Well be carefull there.. A firewall 'should not' mess with the upper
> > > application layers like http, unless it provides proxy services.
> > >
> > > To my knowledge IPFilter does not do this.. I'm not sure but i dont
> > think
> > > Checkpoint does either (at least for WWW).
> > >
> > > The Netcraft survey compares WWW servers, not firewalls.
> > Yes, exactly. For webservers it is easy to do comparison, connect and the
> > webserver will tell you. An IP filter firewall is very silent, a
> > FireWall-1 is often responding to some of the ports 256-261, a Raptor
> > allways has some ports open like usenet-news 119, others a recognizable
> > via other fingerprinting. Since these tests are quite intrusive I don't
> > think that anyone could set up a server doing them in order to provide som
> > statistics. So how can we tell what firewall is the most popular?
> >
> > //johan
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards () nfr com
> > http://www.nfr.com/mailman/listinfo/firewall-wizards
>
> **********************************************************************
> This message may contain information which is confidential or privileged.
> If you are not the intended recipient, please advise the sender immediately
> by reply e-mail and delete this message and any attachments
> without retaining a copy.  
>
> **********************************************************************

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards