Ok, I will take a deeper look into CPMAD, and forget about the rest for now. Thanx for all replies.
best regards Jan -----Oprindelig meddelelse----- Fra: Volker Tanger [mailto:volker.tanger@;DISCON.DE] Sendt: 22. oktober 2002 14:10 Til: [EMAIL PROTECTED] Emne: Re: [FW-1] SmartDefense or not Greetings! Jan Egeriis wrote: > I have been reading a little on the CheckPoint SmartDefense datasheet. > Basically it look very nice, but.... > > I am currently running FW-1 4.1 SP3 on Solaris 7, and I don't want to > upgrade either of them. > Will SmartDefense run on this platform? > [...] > > There is already some IPSpoofing and SYN Flood defense in the basic > FW-1, so what I will pay for is: > - LANd > - IPFragmentation > - Illegal and Malformed Packets > - Port Scanning > - Service Scanning You forgot to subtract the MAD (malicious activity detection) that's built into CKP-FW1 (but not accessible from GUI). MAD detects/defends: - Syn-Attacks - Spoofing attempts (for local interfaces, too) - portscan detection - blocked ports scan detection - login failures - fast repeated connects - land attacks So you're only left with - IPFragmentation - Illegal and Malformed Packets Bye Volker Tanger IT-Security Consulting -- discon gmbh Wrangelstra�e 100 D-10997 Berlin fon +49 30 6104-3307 fax +49 30 6104-3461 [EMAIL PROTECTED] http://www.discon.de/ ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
