On Wed, 3 Oct 2007, Ray wrote:
http://www.theregister.co.uk/2007/10/03/check_point_pentest/ - I glanced
through it and it looks like you have to have a bad admin, and if you've got
that it's game over anyway.
They picked up the thread from the bugtraq mailinglist. I made some
comments on it there.
But I have asked repeatedly at Check Point how they cope with security
updates on the operating system. And I have yet to hear an answer that
really satisfies me.
Granted that you would not have anyone logging into SPLAT unless (s)he is
an admin allready. But I do prefer defense in depth and at this point
SPLAT is definitly lacking in that regard.
But any hardware that I can physically access that runs Check Point (be it
SPLAT, Solaris, IPSO, ....) can be broken into. So for non-admin it adds
very little leverage.
Hugo.
--
[EMAIL PROTECTED] http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for this quote of George Bernard Shaw.)
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
