Great Circle Associates Firewalls
(April 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Hi Dave,
From: wojtek @ solaris . tryc . on . ca (Wojciech Tryc)
Date: Fri, 12 Apr 1996 21:03:05 -0400
To: Firewalls @ greatcircle . com, djr @ saa-cons . co . uk, knelson @ essi . com 
You can run Firewall 1 on Solaris x86 


> From knelson @
 essi .
 com Fri Apr 12 19:24:30 1996
> Date: Thu, 11 Apr 1996 10:38:10 -0700
> From: Kevin Nelson <knelson @
 essi .
 com>
> To: Firewalls @
 greatcircle .
 com, djr @
 saa-cons .
 co .
 uk
> Subject: Hi Dave,
> 
> Hi Dave,
> 
> Consider also the following:
> 
> BorderWare, the best selling firewall now, is based on a BSD kernal, and runs 
on a cheap PC.
> On a Pentium 90, its throughput capablity is roughly four times the speed of a 
T1. 
> 
> Solaris 2.5, on the other hand, is the basis for last-year's bestselling 
firewall, Checkpoint. But it
> requires a dedicated Sparc station, which is never cheap.
> 
> If you want more information, contact me.
> 
> Kevin Nelson
> ESSI
> 
> >>> Dave Roberts <djr @
 saa-cons .
 co .
 uk> 4/10/96  3:58 am >>>
> 
> The last thing I want to do is start an O/S flame war, I think we've had  far 
too many of those
> already.  What I am looking for are bare honest  facts.
> 
> I need to put in a bastion host to handle the proxying, DNS stuff, etc.  I 
would like to put this
> onto a pee-cee running BSD (either FreeBSD or
> BSDOS2.0).  However, someone above me in the chain of things wants me to use a
> SparcServer running Solaris 2.5.  I claimed that BSD was better suited for the 
purpose, and he
> said prove it. 
> 
> AFAIK, the facts stand as follows (please corrent me if I am wrong).
> BSD offers the immutable flag - Solaris does not.
> BSD gives me source code - Solaris does not.
> BSD allows me to compile stuff (ls etc) with static libs - Solaris does  not 
(if I remember a
> thread a while ago).
> 
> That's all I can think of.  Please don't mail back with arguments about  
having source code or
> not, or static libraries vs dynamic, think those  have been beaten to death :)
> 
> What I would like are facts from people that have experience with both 
systems, or something
> that people with one of those systems feel is a big bonus, or a big headache.  
 I'm assuming all
> the tools I want compile  equally well on both systems (whatever kind of libs 
are used).
> 
> ObOffTopic: anyone know a tool to to base64 decoding?  Some of my users get 
their mail sent
> to ccMail, and their gateway doesn't understand MIME.  A DOS util to do with 
would be great (I
> can't convert *everyone* to Unix and Pine! ;)
> 
> Thanks in advance,
> 
> Dave.
> 
> --
> Dave Roberts, Unix Systems Administrator, SAA Consultants Ltd, Plymouth, UK.
> "smap has the advantage [over bare sendmail] that it was written by somone who 
is almost
> certifiably paranoid" - Brent Chapman, London, 19 Oct 95.
>   -=[ For PGP 2.6.3i public key, send mail with subject of "get pgp" ]=-
> 
> 
> Received: from relay7.UU.NET ([192.48.96.17]) by wormhole.essi.com with ESMTP 
id <29441-1>; Wed, 10 Apr 1996 21:05:45 -0700
> Received: from miles.greatcircle.com by relay7.UU.NET with ESMTP 
> 	id QQakxq12729; Wed, 10 Apr 1996 23:43:53 -0400 (EDT)
> Received: (majordom @
 localhost) by miles.greatcircle.com 
(8.7.1-lists/Lists-951222-1) id DAA25776 for firewalls-outgoing; Wed, 10 Apr 
1996 03:54:17 -0700 (PDT)
> Received: from smtpgate.saa-cons.co.uk (haddock.demon.co.uk [158.152.16.191]) 
by miles.greatcircle.com (8.7.4/Miles-951221-1) with SMTP id DAA25742 for 
<Firewalls @
 greatcircle .
 com>; Wed, 10 Apr 1996 03:54:04 -0700 (PDT)
> Received: from haddock.saa-cons.co.uk by smtpgate.saa-cons.co.uk with SMTP 
(5.65/1.3-eef)
> 	id AA03210; Wed, 10 Apr 96 11:58:53 +0100
> Received: by haddock.saa-cons.co.uk (AIX 3.2/UCB 5.64/5.00)
>           id AA21759; Wed, 10 Apr 1996 11:58:53 +0100
> Date:Wed, 10 Apr 1996 03:58:52 -0700
> From: Dave Roberts <djr @
 saa-cons .
 co .
 uk>
> To: Firewalls Mailing List <Firewalls @
 greatcircle .
 com>
> Subject: Solaris2.5 and BSD* - Facts
> Message-Id: <Pine .
 A32 .
 3 .
 91 .
 960410115650 .
 40704A-100000 @
 haddock .
 saa-cons .
 co .
 uk>
> Mime-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> Sender: firewalls-owner @
 greatcircle .
 com
> Precedence: bulk
> 
> /* 
>  * This is actually a resend, but I never saw the original on the list, 
>  * and it was a day when our ISP appeared to have trans-atlantic problems.
>  * Sorry to anyone who's seen it already.
>  */
> 
> The last thing I want to do is start an O/S flame war, I think we've had 
> far too many of those already.  What I am looking for are bare honest 
> facts.
> 
> I need to put in a bastion host to handle the proxying, DNS stuff, etc.  I
> would like to put this onto a pee-cee running BSD (either FreeBSD or
> BSDOS2.0).  However, someone above me in the chain of things wants me to
> use a SparcServer running Solaris 2.5.  I claimed that BSD was better
> suited for the purpose, and he said prove it. 
> 
> AFAIK, the facts stand as follows (please corrent me if I am wrong).
> BSD offers the immutable flag - Solaris does not.
> BSD gives me source code - Solaris does not.
> BSD allows me to compile stuff (ls etc) with static libs - Solaris does 
> not (if I remember a thread a while ago).
> 
> That's all I can think of.  Please don't mail back with arguments about 
> having source code or not, or static libraries vs dynamic, think those 
> have been beaten to death :)
> 
> What I would like are facts from people that have experience with both
> systems, or something that people with one of those systems feel is a big
> bonus, or a big headache.   I'm assuming all the tools I want compile 
> equally well on both systems (whatever kind of libs are used).
> 
> ObOffTopic: anyone know a tool to to base64 decoding?  Some of my users
> get their mail sent to ccMail, and their gateway doesn't understand MIME. 
> A DOS util to do with would be great (I can't convert *everyone* to Unix
> and Pine! ;)
> 
> Thanks in advance,
> 
> Dave.
> 
> --
> Dave Roberts, Unix Systems Administrator, SAA Consultants Ltd, Plymouth, UK.
> "smap has the advantage [over bare sendmail] that it was written by somone
> who is almost certifiably paranoid" - Brent Chapman, London, 19 Oct 95.
>   -=[ For PGP 2.6.3i public key, send mail with subject of "get pgp" ]=-
> 
> 



**********************************************************************
* Wojciech M. Tryc                                                   *
* http://www.tryc.on.ca/                                             *
* Pager: http://www.tryc.on.ca/cgi-bin/pager.cgi or pager @
 tryc .
 on .
 ca *
*                                                                    *
**********************************************************************
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i

mQBtAzFMTmQAAAEDALAdPjtPQU7FgC114Zb4bW30l2hgWaKRxru+ZTZZZRcI9AwD
y5scV9qn/dngQ1hiAJ3au3TWE1+fOnAOQXsw5ylq3+T79K/fk5D8tTYeyaN2RviW
jJsn0cgU9f8Cze6idQAFEbQkV29qY2llY2ggTS4gVHJ5YyA8d29qdGVrQHRyeWMu
b24uY2E+iQB1AwUQMUxOZBT1/wLN7qJ1AQHOIwL+NU6g15AXj7lT9wDYIiM1AF+o
rV+E12vwPfxcvEuWz7RXTeRNN/RxSDVvG1IsClzmPZZe364t3Uc7/CaNkzz/6/1L
sMMYH/F/zt+CCP39oFSZ+ASrbiNC2xueUHZLDvK6
=INya
-----END PGP PUBLIC KEY BLOCK-----
Indexed By Date Previous: Flood Attack? Could be client software!
From: "Paul D. Robertson" <proberts @ clark . net>
Next: Re: Cracking NT via RAS
From: Bill Stout <bill . stout @ hds-gw . hidata . com>
Indexed By Thread Previous: Hi Dave,
From: Kevin Nelson <knelson @ essi . com>
Next: ISOCOR N-PLEX
From: Felix Meschberger <fmesch @ dial . eunet . ch>
Google
 
Search Internet Search www.greatcircle.com