> I seem to have deleted info on BorderGuard.
> Can someone point me to a source for info.
> I'd like to hear more about it from someone
> who has used it, and also get the details :-)
> from the vendor.
I have been sending mail back & forth with the NSC reps in regards to their
product. I am still getting claims that it is an application level gateway,
and comments such as "your statement...has come as a complete surprise to the
folks @ Ft Meade where they have been using our (NSC) network security approach
To summarize what has happened on this thread:
NSC claims to have: an application level gateway, having proxies for
Telnet, FTP, SMTP, NNTP, & Gopher. Also that the box does packet filtering,
and encryption capabilities that would allow for VPN development.
My claim is that NSC is a filtering device, in contrast to an application level
gateway, and that an NSC box alone is very weak security when using it for
internet security. Here's my
1) You have access control lists to allow no inbound traffic whatsoever.
2) You do however allow incoming mail. All packets for port 25 can potentially
be routed to a single box.
3) This single box is the weakest link. If I can break into it, I have
subverted the firewall.
1) You have the above scenario.
2) You have something like stock sunos4.1.3_u1 running on the mail hub
3) I send you an exploit that your mailer compiles.
4) Upon compilation the mailhost executes my program and starts an outgoing
5) Upon completion of the connection the client-server role is reversed. The
mailhost forks a shell. The attacker's machine now has a shell account on the
If I am missing something here in my logic, I would be very eager to hear
P.S. Again, the above scenario is not a vulnerability of the NSC boxes. It is a
vulnerability in IPv4. There is Identification & NO AUTHENTICATION of hosts.