Firewalls: RE: NT's TCP/IP stack

Firewalls
(February 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: NT's TCP/IP stack
From:	Scott Barman <scott @ Disclosure . COM>
Date:	Wed, 7 Feb 1996 11:30:25 -0500 (EST)
To:	Russ <Russ . Cooper @ RC . Toronto . on . ca>
Cc:	"'Jeromie Jackson'" <jeromie @ garrison . com>, "'Firewalls'" <firewalls @ GreatCircle . COM>
In-reply-to:	<01BAF4F6 . E8D957C0 @ rwcooper . RC . Toronto . on . ca>

On Wed, 7 Feb 1996, Russ wrote:

<Much about NT's IP stack cheerfully deleted>

> [Firewall relevance]
> To some extent, there may be some relief to all of this on the horizon. 
> With the introduction of Raptor and soon Network-1 into the Windows NT 
> realm of Firewalls, there are seriously security conscious individuals who 
> will have to track these changes to see if they affect their product. 
> Hopefully this will lead to increased scrutiny of the product from a 
> specifically secure standpoint.

There are three firewall built on top of NT, not including the vaporware
Micro$haft themselves are touting.  I have been in contact with someone
who has evaluated two of them.  Unfortunatly, I cannot say who or give
further details (this person will be publishing this information in one
of the "major" industry rags), but let's just say that my suspicion has
been confirmed: you cannot use these systems for anything faster than a
64Kbps connection.  T1, or even fractional T1 (128Kbps), start showing
failture.

> [Shameless plug]
> Of course, with the just announced strategic partnership between MCI and 
> Microsoft (and of course, SHL), and the fact that MCI will be hosting MSN 
> on the Internet, we will hopefully see lots more NT boxes on the Internet, 
> again, forcing people to look more closely at the viability of securing NT 
> boxes.

Maybe Micro$loth is hoping Vint Cerf will help their sagging system.
Then again companies are into prostitution for the sake of the bottom
line--read "On the Line" regarding this statement and MCI.

Hopefully, when folks put NT on the internet, they will find the same
thing I found through experimentation: it has multitasking that can't
get out of its own way, it can't handle the load of a medium-low
environment, and if something goes wrong, there isn't a quick interface
to fix things (by passing that maze of twisty little menus all
different!).

> There's definitely something wrong with someone like me who lives for these 
> types of questions, I guess I just love the controversy! ;-]

Yea, it's called living the hype and beliving the b.s. from marketing
machines.  No controversy here--especially when I don't believe what I
read or hear from know M.$.... err... b.s. artists.

scott barman
--
scott barman                  DISCLAIMER: I speak to anyone who will listen,
scott @
 disclosure .
 com                      and I speak only for myself.
barman @
 ix .
 netcom .
 com
  "Micro$oft and Windoze/NT will be the cause of the de-evolution of
   network security just as the original PC and BASIC was the cause of
   the de-evolution of programming."	- scott barman

Follow-Ups:

I want details!!! Re: NT's TCP/IP stack
From: Robert Dana <bob @ worldcom . com>

References:

RE: NT's TCP/IP stack
From: Russ <Russ . Cooper @ RC . Toronto . on . ca>

Indexed By Date	Previous:	ipx routing From: "Lehrer, Neil" <nlehrer @ usia . gov>
Indexed By Date	Next:	DNS for NT From: Eduardo Torres <etorres @ startel . com . ar>
Indexed By Thread	Previous:	RE: NT's TCP/IP stack From: Russ <Russ . Cooper @ RC . Toronto . on . ca>
Indexed By Thread	Next:	I want details!!! Re: NT's TCP/IP stack From: Robert Dana <bob @ worldcom . com>