> ygerman @
> I would also say stay away from NT firewalls because the NT TCP/IP
> stack is not as robust as Unix in a high volume environment.
On what facts do you base this? AFAIK the problems with Microsoft's
implementation of TCP/IP have more to do with incorrectly handling packets
that were incorrectly assembled (e.g. the OOB problem which gave all the
dumb snotty nose wannabe hackers a hard on) . But even Unix TCP/IP do not
always respond as it should - what about SYN stealth scans?
A company I know have been using NT with SQL-Server across a WAN for a
number of years now. The volumes are pretty high - hundreds of users doing
OLTP transactions. The problem has never been with TCP/IP on NT, but rather
with SQL-Server and the Microsoft client (Win95) DB library.
I have worked with NT since the first beta, and TCP/IP IMHO was never a
problem, but rather the use of it (like running NetBIOS pipes across TCP/IP
instead of using sockets). Of course Microsoft was naive in believing they
could implement the RFCs for TCP/IP without paying much attention to wrong
IP packets. But remember these IP packets are almost always the result of
hacker attacks. In a standard high volume business environment NT's IP is
stable and robust enough IMHO. The problem I believe is that NT's IP is not
always robust enough to survive a hacker attack.
NT has received a lot of flak, especially from the Unix lovers, but it is
still a good operating system and one that is used (as with Unix)
throughout the world by many companies for running mission critical