Great Circle Associates Firewalls
(January 1995)
 


Subject: Firewalls vs IP Spoofing (was: Sidewinder)
From: Rick Smith <smith @ sctc . com>
Date: Thu, 26 Jan 1995 11:29:13 -0600 (CST)
To: firewalls @ greatcircle . com
Cc: Rick Smith <smith @ sctc . com>

Sean Donelan <SEAN @ SDG . DRA . COM> writes:

>> So, does Sidewinder hold up against the current set of attacks?

Yes. A host is vulnerable to the current set of attacks if it needs
to trust another host and it relies on IP addresses to identify traffic
from the trusted host. Neither the Sidewinder challenge site nor the
Version 1.0 product needs to trust other hosts.

A firewall or guard or gateway does not stop the current set of
attacks if it allows the misaddressed transport level packets to
enter the protected network. Sidewinder operates in the manner of
proxies and application level gateways. No traffic flows through it
below the application level. Unlike firewall configurations of
routers, you can't even configure the Sidewinder to let IP spoofing
packets through by mistake.

Alan Hannan <alan @ mid . net> writes:

>  I do not profess to know the consensus, but I do not have a high opinion
>of sidewinder.  [ gripes about our marketing activities omitted ]
>  I would have a much higher confidence in a product such as MIDnet's SecurIt,
>which is based on TIS's crystal box toolkit. (<- Shameless plug)

What matters is where the rubber meets the road. Would you care to comment
on what measures these products take against the IP spoofing threat, and
their relative resistance against incorrect configuration that would open
a vulnerability to it?

Rick.
smith @ sctc . com       roseville, minnesota
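
The configuration risk the message raises for router-based firewalls, as an added example that is not part of the original post: a check that walks a first-match inbound ACL on the external interface and reports any internal source range it would admit. The rule format, function name and addresses are constructed assumptions, not any product's syntax.

```python
import ipaddress

def admitted_internal_sources(acl, internal_nets, default="deny"):
    """Return the internal source ranges that an inbound ACL on the
    EXTERNAL interface would permit. Rules are (action, source_cidr)
    pairs evaluated in order; the first matching rule wins."""
    admitted = []
    for net in map(ipaddress.ip_network, internal_nets):
        remaining = [net]                      # internal space no rule has matched yet
        for action, src in acl:
            rule = ipaddress.ip_network(src)
            still_unmatched = []
            for block in remaining:
                if not block.overlaps(rule):
                    still_unmatched.append(block)
                elif block.subnet_of(rule):
                    # The rule decides the whole block.
                    if action == "permit":
                        admitted.append(block)
                else:
                    # The rule covers only part of the block; the rest
                    # falls through to later rules.
                    if action == "permit":
                        admitted.append(rule)
                    still_unmatched.extend(block.address_exclude(rule))
            remaining = still_unmatched
        if default == "permit":
            admitted.extend(remaining)
    return sorted(admitted)

# Constructed sample data: one protected network and three candidate ACLs.
INTERNAL = ["192.168.10.0/24"]
ACL_CORRECT = [("deny", "192.168.10.0/24"), ("permit", "0.0.0.0/0")]
ACL_WRONG_MASK = [("deny", "192.168.10.0/25"), ("permit", "0.0.0.0/0")]
ACL_WRONG_ORDER = [("permit", "0.0.0.0/0"), ("deny", "192.168.10.0/24")]

if __name__ == "__main__":
    for name, acl in [("correct", ACL_CORRECT),
                      ("wrong mask", ACL_WRONG_MASK),
                      ("wrong order", ACL_WRONG_ORDER)]:
        gaps = admitted_internal_sources(acl, INTERNAL)
        print(name, "->", [str(g) for g in gaps] or "no spoofable internal sources")
```

A non-empty result means a packet arriving from outside with that internal source address would be forwarded, which is the condition the message describes as failing to stop the attack.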
