For starters...

Started by zerored, February 22, 2002, 05:31:20 PM

Previous topic - Next topic
Sup all. For starters, what do the experienced ones think of the checkpoint-1 firewall hardware/software? ive heard alot about it, but dont have any exp with it and wanted to begin a study in it....and, for those of you who are in the new, Building internet fiewalls was the best first-step book ive read...come to think of it, i still havent finished it...

blah. Haven't read about it.
Some thoughts though...

What sort of structure does it have ? Hardware, software, both ?
What kind of firewall ? How does it work ?

Basically when you are considering a firewall you have to match YOUR criteria.
So if you want SPI (stateful packet inspection -- YAY !!!) then get one with it.
Even routers will have SPI.

But anyways, the point is, get what you need. Stay away from McAfee, Black ICE, and
other crappy software firewalls. A firewall is designed to protect an internal network
(internet -- not THE Inernet [notice cases of 'i']) connected to the Internet. So if you have

216.101.221.90 (outside your internet) trying to connect to your internet it is designed to deny
the connection, filter the packets or what not. Blah, enough blabbering. I've said
enough and I'm too tired to really think. Basically if it has features that you like,
go for it. Remember -- that's what's it's about -- reading, learning, experimenting
about everything, especially things that interest you...

- Metty
"My Terminal is my Soul"

Slight correction, and I think Metty just happened to have a brain fart or typo like I always do... when he says connect to your internet, I believe he meant your intranet...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

actually

intranet is usually private yes, BUT... an internet (lowercase 'i') can also be private.
It's simply a network of networks and why couldn't it be private. Maybe it'd be more appropriate to say intranet,
but I believe I said *looks back* internal internet -- which would make sense (then again,
they could have two internets -- one private, one not [let's call one an intranet and one
an internet respectively]).... Hrmm.. could get very complicated
and interesting, wouldn't you say Neekster ?

Yes yes, I like this topic. This could be quite interesting...


- Metty
"My Terminal is my Soul"

hehe
the debate of the term 'internet' and 'intranet'

haha
"My Terminal is my Soul"

Hehehe... well, in this industry, terms are like assholes... everyone has one.... er... well, you get the idea! What one person calls something someone else calls something else, so I'm sure we're both right. blah... just like VPN. Ask 5 different Network Admins, and they'll each give you a different definition of it. Anyhoo, I think I'm too tired to make any sense right now... **needs some serious caffeine**

BRB... gonna go get me a mocha freeze...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

 8) I use Checkpoint FW1 on a Nokia IP330 with IPSO (a broken down version of freebsd). I find it to be very helpful and very secure (configuration helps). I am also working on getting MCNS (Cisco Network Security) Certified and although PIX has come a long way, I will continue to use the Nokia / CPFW combination.

Hope that helps...

Wilnix
alt email address: wilnix@hackphreak.org

aaight. Well, lets start from scratch. Yeah, ive heard about black ice def. and zonealarm ect. But does anybody have any linkage (so to research)as to(or just know)why thier so terrible? Ive researched them myself(went to their site, which, i know is biased) and also searched for problems of those software-based fwallz, but didnt find much as to why thier horrible at secruing what they secure.

The problem I see with ANY software firewall is the fact that it is not PHYSICALLY controlling what makes it to your computer. The filtering is happening on the system you are using, don't you think that is kinda late? I can't say I don't use them anyways though. I use Norton's Personal Firewall on my system to keep the help desk from trying to grow a brain in the area of hacking. But, as far as using it as a complete solution...NO. A hardware firewall, software speaking, is free using freebsd's ipfw or Mandrake's Firewall Edition OS. Check them out. I use CPFW-1 right now and I personally like it, but the future shows that you can't beat a Cisco Pix. I will go that route from here on out.

Wilnix
alt email address: wilnix@hackphreak.org

very good point, Maddy...

also, think about this:

hardware is harder to exploit than software....
look at it this way:

AV companies are fighting those evil *grin* virus writers, yet virus writers keep finding flaws
in the system, for viruses and worms, trojan horses, etc...

Windows (uh oh...) has so many holes and flaws it is incredible. It is software, period.
Other OS's have problems too, but not as many.

I could continue, but there is no reason to. The point is, software is probably more vulnerable
to exploits than hardware. One thing is Ring 3 vs Ring 0 in pmode (protected mode). That
alone shows that software has flaws. Sure, everything will have flaws (designed for a common cause
or need, but exploited as opposed to holes which are completely a mistake).

There are a lot of points, probably too many to even think about... so I think I'm done.

Oh well, Will is right, and so am I *grin*.

"My Terminal is my Soul"

btw -- best firewall:

no Internet access.
heheheh

ok, ok, seriously... best firewall system:

software + hardware

keep that in mind Zero...
"My Terminal is my Soul"

Just get the cheapest box you can find and run straight fbsd + ipfw....

Life will be good.

Wilnix
alt email address: wilnix@hackphreak.org


Someday when you feel brave enough, try OpenBSD too.

Wilnix
alt email address: wilnix@hackphreak.org

SMF spam blocked by CleanTalk