Concurrent code is more difficult than linear code, but to achieve Common Criteria
Approval, the proxy firewall has to show the security of the TCP/IP stack and kernel
as well. The OS can't be trusted unless it too has CC approval (as some do).
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Bernd Eckenfels
Sent: Friday, December 01, 2000 14:02
To: Bill Royds
Cc: Nguyen_Trang; '[EMAIL PROTECTED]'
Subject: Re: Dod & CheckPoint backdoor
On Thu, Nov 30, 2000 at 09:37:10PM -0500, Bill Royds wrote:
> Since FW-1 uses stateful packet inspection rather than application proxies
> (mostly), it should be easier to examine.
nope, it is quite complicated to verify kernel code interrupt handlers with
all kinds of concurrency problems and undefined protection from the os.
It is much easier to verify a 10 line user mode program which uses normal
socket operations. Take a look at the old FWTK Papers on that Topic. Of
course this assumes you trust the OS.
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]