Checkpoint's recommendation on how to pass
Sybase TDS originally came from me. So, if it's
not good enough, that's my fault. Looks like I should
learn inspect. Or, you can use the encrypted version,
then you have to use it as described.
com (Frank Darden) on 10/20/97 04:06:03 PM
To: jloiacon @
com (Joe Loiacono) @ smtp, trott @
Trott) @ smtp
cc: firewalls @
COM @ smtp (bcc: Ryan Russell/SYBASE)
Subject: Re: sex, lies, and firewall code
At 10:24 AM 10/20/97 -0400, Joe Loiacono wrote:
>Richard Trott wrote:
>> The author gives very relevant and important pieces of information. For
>> example, the author points out that FireWall-1 cannot verify "Sybase
>> header field format and content." Instead, the "solution" for getting
>> Sybase across the firewall is to poke a hole for that particular port.
>But isn't this within the capabilities of the INSPECT language? Maybe
>Checkpoint hasn't figured out the Sybase protocol yet; but the user can.
>Is the argument that this is too sophisticated for the average security
>guy? With the INSPECT language caveat omitted, the claim (see above)
>could be considered misleading - but I'd say within bounds for
>technical/marketing papers and not preposterous.
>Joe Loiacono (301) 415-6153
>Computer Sciences Corporation http://www.csc.com
Yes, Sybase can be set up within inspect. And yes, you have the ability to
compose your own inspect scripts. This is one of the many points that I
make in my rebuttal to Fred's paper. While many people on this list see only
proxy based firewalls, or have only been exposed to one type of technology,
I have the rather nice pleasure of having had experience on several
different firewall products, including (but not limited to) Gauntlet and
Firewall-1. So I can address both technologies from real field experience,
having installed these types of products in many large, corporate network
environments. I suspect many of you have brand or product loyalty, which is
admirable. But until you have tested both technologies, and clearly
understand both, it is difficult to say whether Fred's paper is accurate, or
misleading. I will be posting my rebuttal to Fred's paper as soon as I am
sure that I don't violate anyone's copyright.