Firewalls: Re: Proper platform for a firewall

Firewalls
(August 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Proper platform for a firewall
From:	wdawson @ willard . atl . ga . us (Willard Dawson)
Organization:	Willard's House
Date:	Fri, 5 Aug 1994 10:11:56 GMT
Apparently-to:	firewalls @ greatcircle . com
Newsgroups:	willard.firewalls
References:	<9408041536 . AA02895 @ uvs1 . orl . mmc . com> <199408042240 . PAA00101 @ mycroft . GreatCircle . COM>

gnenych @
 twogwn .
 CAnada .
 ncr .
 COM (Greg Nenych) writes:

...

>If you don't have
>source to the OS or can't understand it, at least make sure that the OS you
>are using has had lots of run time by lots of people and comes from a vendor
>that is very quick to fix security bugs.

I used to believe that I wanted patches quickly from Sun.  Having been
through the horror of patching Solaris since 2.1 days, I now believe
they should be slower, and take especially more care in testing that new
patches don't break more things than they fix.  Unfortunately, fully
integrated testing of all possible environments is impractical for an OS
vendor at the patch stage.

You and others insist that quick fixes to security bugs are good.
I think they're a mixed blessing, at best.

References:

Proper platform for a firewall
From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Re: Proper platform for a firewall
From: Greg Nenych <gnenych @ twogwn . canada . ncr . com>

Indexed By Date	Previous:	[no subject] From: Andreas Paukert <apa @ baltic . e-technik . uni-rostock . de>
Indexed By Date	Next:	Re: s/key vs passwords From: tries @ landmark . mitre . org
Indexed By Thread	Previous:	Re: Proper platform for a firewall From: Greg Nenych <gnenych @ twogwn . canada . ncr . com>
Indexed By Thread	Next:	Re: Proper platform for a firewall From: Marcus J Ranum <mjr @ tis . com>