Thread: The Sidewinder G2 Security Appliance includes the only firewall that has never had a CERT advisory posted against it
View Single Post
  #2 (permalink)  
Old 10-08-2005, 11:15 AM
Hairy One Kenobi
Guest
  
Posts: n/a
Default Re: The Sidewinder G2 Security Appliance includes the only firewall that has never had a CERT advisory posted against it
<Ipeefreely> wrote in message
news:c21ek1dsa9ui77q7304umprmcelac87tg8@4ax.com...

<snip>

Hmm. "Only" is a very large claim. I'm not aware, for example, that any of
the UK MoD's home-built firewalls have ever been cited - doesn't prove that
they're invulnerable, of course, just that noone's necessarily got in to
break them. And then told people about it.

That said, I'm shocked to discover that my very own Netgear/Zyxel has had an
advisory posted - so much for that theory :o)

Uh.. hang on a minute: they *have* been cited a number of times,
http://www.kb.cert.org/vuls/id/AAMN-5BNT9S states that "[no] valuable
information" can be gained (not quite the same thing as "no information")

The basic theory seems to be that services are sandboxed (their word), so
you can lose a service or connection, but not the box. Given that they don't
appear to have had the entire box compromised at any point, I'll ignore the
marketing weasel words and give 'em a cautious round of applause. Still
makes it vulnerable to DoS of specific services, though:

http://secunia.com/advisories/11278/
http://secunia.com/advisories/11632/

Can't find a pricing reference (not usually a good sign!), so I guess that
I'll be sticking with the old RT-314 for the moment - even if it can be made
to leak its LAN [DMZ] address [only] to someone else attached to the same
UBR.

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!



Reply With Quote