10-08-2005, 07:46 PM
Hairy One Kenobi
Re: The Sidewinder G2 Security Appliance includes the only firewall that has never had a CERT advisory posted against it

<Ipeefreely> wrote in message
news:p32gk1duammf3eceg6659ca8lss1iaurj6@4ax.com...
> Uh.. hang on a minute: they *have* been cited a number of times,
> >http://www.kb.cert.org/vuls/id/AAMN-5BNT9S states that "[no] valuable
> >information" can be gained (not quite the same thing as "no information")

>
> That is the Sidewinder.
>
> However the Sidewinder G2 (the merge of Sidewinder and Gauntlet)
> has not had any CERT Advisories.
>
> I am sure that if you call your regional sales manager they can give
> you a price.


Well, that's nailed your flag pretty fairly to the mast as goes background
:o)

OK, so the Sidewinder G2 is a munge of the Sidewinder and Gauntlet? Both of
which have been exploited, at least to a minor degree, since 2003.

So how does that make the Sidewinder G2 something that hasn't been cracked
in *ten years*? This puzzles me.

As I said, marketing weasel-words aside, it looks to be a pretty good
solution.

> The DoS can be handled with a threshold that can be set up by the
> Administrator. Once the threshold is met the IP or IPs will be
> black-holed for however long you want them to be.


Hmm - not sure that's quite what I would call "handled" (restarting a
service generally drops everyone on that daemon, unless there's a special
case I'm missing here). Automatic restart, yeah, I know - probably the best
of a bad set of circumstances.

How much control does the admin have over this automatic black-holing? And
how granular is it? And how about DDoS? Or, dread to say, spoofed IPs
causing a valid set of addresses to be rejected?

You've got me interested, now (although still not for my home network,
unless it's a helluva lot cheaper than I suspect :o)

H1K
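
The spoofed-address concern raised in the post above, as an added example (not part of the original post, and not a model of how the Sidewinder G2 implements its thresholds): a generic per-source threshold black-holer replayed over constructed traffic. It shows that counting events whose source address is unproven gets a legitimate address rejected, while counting only verified sources (for instance after a completed TCP handshake) or allowlisting does not; all class, function and parameter names are assumptions.

```python
from collections import defaultdict, deque

class BlackHoler:
    """Sliding-window, per-source threshold black-holing (generic sketch)."""
    def __init__(self, threshold, window, hold, allowlist=(), require_verified=False):
        self.threshold, self.window, self.hold = threshold, window, hold
        self.allowlist = set(allowlist)           # addresses never black-holed
        self.require_verified = require_verified  # count only proven sources
        self.events = defaultdict(deque)          # ip -> recent event times
        self.blocked_until = {}                   # ip -> time the hold expires

    def is_blocked(self, ip, now):
        until = self.blocked_until.get(ip)
        if until is not None and now >= until:    # hold expired: forget the address
            del self.blocked_until[ip]
            self.events.pop(ip, None)
            return False
        return until is not None

    def observe(self, ip, now, verified):
        """Record one event; return True if ip is black-holed afterwards."""
        if self.is_blocked(ip, now):
            return True
        if ip in self.allowlist:
            return False
        if self.require_verified and not verified:
            # Unproven source: limit such traffic globally, never per address.
            return False
        q = self.events[ip]
        q.append(now)
        while q and q[0] <= now - self.window:    # drop events outside the window
            q.popleft()
        if len(q) > self.threshold:
            self.blocked_until[ip] = now + self.hold
            return True
        return False

def replay(holer, events):
    """events: (time, ip, verified) tuples; returns IPs black-holed at the end."""
    last = 0.0
    for t, ip, verified in events:
        holer.observe(ip, t, verified)
        last = t
    return {ip for ip in list(holer.blocked_until) if holer.is_blocked(ip, last)}

# Constructed sample: 192.0.2.10 is a legitimate peer whose address also appears
# on 20 unverified (forged) packets; 203.0.113.5 is a real, verified flood source.
TRAFFIC = ([(0.0, "192.0.2.10", True)]
           + [(1 + i * 0.01, "192.0.2.10", False) for i in range(20)]
           + [(2 + i * 0.01, "203.0.113.5", True) for i in range(20)]
           + [(3.0, "192.0.2.10", True)])
```
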


