Peter da Silva enscribed thusly:
> In article <006e01bead58$79709060$[EMAIL PROTECTED]>,
> Don Kelloway <[EMAIL PROTECTED]> wrote:
> >But IMO, I think people are either forgetting or overlooking the fact that
> >the Windows NT4 op/sys can be made "C2" and "E3/F-C2" secure
> IIRC, the only version of NT that has been evaluated to be "C2" secure is
> a specific version of NT 3.5, with flopy drives and NETWORK PORTS removed.
> This C2 rating has no relevance to either NT 4.0 or to firewalls.
And it was on three very specific hardware platforms. No others.
> >"E3/F-C2" is widely acknowledged to be the highest ITSEC evaluation rating
> >that can be achieved by a general-purpose operating system and "C2" is
> >widely acknowledged to be the highest TCSEC evaluation rating that can be
> >achieved by a general-purpose operating system.
> C2 is about the lowest TCSEC rating that's worth actually paying attention
> to. Apart from the auditing requirements, a plain vanilla Linux box could
> meet C2 if it were evaluated, and if you turn on enough NT audit logs to be
> worth anything you've just added another layer of instability to the system,
> because NT falls over when they fill up.
> For a firewall, these ratings only become interesting when you look at
> the B ratings and the compartmentalization they bring. Below that, whether
> the firewall OS is "rated" or not is almost irrelevant.
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
