And you keep stating that an unproven solution with no reviews by a reputable firewall certification/testing company/organization is a proper firewall good for protecting people as any certified firewall is.
So, I expect that you want everyone to believe that anything you post is always true, that anything you call a firewall, even a toaster, is really a firewall?
You've been told more than once already that Sun ship and support IPFilter as standard with Solaris.
You could try claiming that Sun and Solaris are somehow 'unproven'......
To those of us whose real world knowledge extends a mite beyond marketing material, the answer is yes.
I've detailed one example of that already.
Oh Gawd, Mr Non Sequitur strikes again.
The rest didn't give you a bit of weasel room, eh.
So now you are contradiction everything you said previously.
And even the next phrase.
You know, it either is a firewall, or it isn't. The fact that a BSD box can be misconfigured by a user is no different than that
*any* of the units certified by ICSA can also be misconfigured.
How will "a specific configuration is certified" help a specific customer who will *never* use that specific configuration?
Your ICSA certification is *clearly* worthless for what you are claiming.
It seems that I *have* seen all the updates for Linux. The problem is that neither I nor anyone else gets to see the updates for any of the non open source systems that ICSA has certified.
Cough laugh giggle. You are so naive it is just astounding!
There is no comparison, and Open Source wins head down going away. (I wouldn't touch an Apple or Microsoft "firewall", certified or otherwise, if you paid me.)
Are you afraid of what you say?
And I doubt that anyone is paying you any money for using the FW of the Gods either North in Alaska with the 54g ;-)
Only to you is anyone afraid of saying anything, since you're such a lunatic and will go off the deep-end up there North in Alaska with Linux *software of the Gods* and the 54g mistress. ;-)
And your "assumption" that because Sun and Solaris ship a version of it on some systems, that somehow that makes the unproven solution that may be based on that particular implementation, somehow, some way, the same? Nope, the two have nothing to do with each other.
What makes you think that the third-party firmware is the FULL and PROPERLY CONFIGURED Sun/Solaris packaged solution?
Get real, you've proven how little you know about software development and nix.
I was using XNA before posting to this group for the first time, before Google was started, before you ever got your first Internet access, starting in the early 80's. I don't have to justify my use of XNA to a troll like you, especially one that doesn't understand the definition of a firewall and what does/doesn't make a firewall a firewall.
So you were using "XNA" before it was invented, or did anything, eh? You do take the cake for exaggeration...
Hmmm... aren't you the guy who can't figure out what the definition of a firewall actually is, and thinks that if some subscription company doesn't get paid to "certify" something, that it isn't a firewall at all.
Make that *ALL* Sun systems. You've been told more than once already that Sun ships IPFilter *on* Solaris as *standard*.
I am not the one claiming that IPFilter is somehow 'unproven' purely on the basis of a lack of a shilled review by ICSA labs.
Only to those who are clutching at straws.
Do you accept that IPFilter on Solaris is a perfectly valid firewall solution, yes or no.
Do you accept that netfilter firewalling solutions have been 'passed' by ICSA, yes or no.
Do you accept that OpenBSD is the most secure general purpose *nix like OS available today, yes or no.
Because over the past decade, I have built, installed and managed IPFilter on at least 4 different Unix platforms (including solaris) at the last count.
One's bona fides are part of the google record. I don't need to repeat them here.
ROTFL! This coming from someone who doesn't know that Solaris is the name of the Unix like operating system shipped by Sun Microsystems.
Another 'intellectual' with a yawning chasm between it's capability and self perception.
greg
That is, BTW, an abjectly ignorant statement.
What makes you think that *any* firewall software is "PROPERLY" configured just because ICSA certified that they were able to test it?
You've proven that you know virtually *nothing* about software configuration or systems administration.
Floyd Firewall is hot to trot and I rest my case cut him loose.
And that it ships doesn't mean a hill of beans - it's on how it's setup and configured that makes it a firewall or not.
You are the one claiming that because a product has a hacked version of something installed, something that "can" be setup as a firewall, that all products using derivatives of it must also be firewalls of the same quality.
I will agree that "it can be" under the right installation and configuration methods and practices.
I've not looked, but in some combinations I accept that as tested and certified, if it was, that it passed in that configuration.
Yes, never denied it or disputed it. Being the most secure general purpose OS does not make its inclusion into the 54g package as secure, in fact, until the 54g and firmware is tested even you can't tell if they left a hole or any other exploit open.
And that doesn't change the FACT that the unconfirmed 54g + firmware is unproven. Your experience with a open product does not indicate it's success in the specific configuration being discussed in this group.
I've never run/used Solaris, only IBM's AIX and RedHat and Fedora. I have no reason to know the specifics of Sun's offerings as I don't have any customers that use Sun products.
I agree, you are really unable to understand the concepts that are being discussed here - you seem to think that one product, used in a specific setting, is the same as another product using part of a solution based on part of something that has part of the same name.....
it's obvious that I know more than you, and I'm not the one proclaiming that some derivative work is the same as the original work. Just because a project uses parts of something does not mean it's as good or has the same working features as the original. I can see that you've never coded anything in your life if you don't understand that concept.
Our resident 'expert' finally gets a modicum of clue.
[the usual circular drivel binned unread]What a troll what a troll?
Nicely taken out of context. So, when are you going to post something that indicates the 54g and third-party firmware is actually an accepted firewall by a reputable authority?
It makes no difference how many of these stupid things you say, you can't make them come true.
What "derivative work" are you talking about?
Try opening your eyes, it really is better than a limited imagination.
Which applies just as equally to your silly insistance that ICSA certification is a holy grail.
Where do you get the idea that if the ICSA hasn't been paid that a product is a "hacked version"? Or that it isn't if the fee has been paid?
So you *admit* that all of your previous statements were bogus!
Speaking if ignorance. You don't seem to know this topic well enough to discuss the details without huge confusion. You are merely blathering again, and it isn't making sense at all.
(Hint: Linksys doesn't use OpenBSD in any product.)
Your ignorance is showing, again.
It's a statement of fact.
Do you stop being churlish dear boy, it's not the fault of the audience that you hoisted yourself upon your own petard.
ROTFL! What would you know about it exactly ?
You've previously claimed that it's based on OpenBSD
#quote
Yes, never denied it or disputed it. Being the most secure general purpose OS does not make its inclusion into the 54g package as secure, #endquote
Your propensity for repeated public displays of cluelessness is what is being discussed ATM.
greg
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.