Recently, I was asked a question about a "Boson"
FW-1 Administrator exam. I have no idea what this
exam is, nor who sponsors it. However, if the
material quouted below is true, then this question
greatly disturbs me. I wanted to know if anyone
else has ran into this.
--- snip snip ---
I have always thought that it is necessary to harden the OS for the firewall
server. However, I was doing the Boson Checkpoint FW-1 Administrator
practice exams when I came across this question:
Question: Why is it unnecessary for Firewall-1 to harden the OS?
Answer: Firewalls that do not analyze the packet until it gets to the
application layer need to protect themselves from the lower layer attacks.
Firewall-1 protects itself by analyzing all the layers of the packet.
Therefore it is unncessary for the administrator to harden the OS for
Firewall-1 server.
Is this true????
--- snip snip ---
This is absolutely NOT true. If an exam is making these assumptions,
then it shows that the author has a total lack of security knowledge.
No firewall is impervious to vulnerabilities, Bugtraq demonstrates this
again and again. Also, base OS armoring protects the firewall against
rulebase or administrative misconfigurations. I highly recommend OS
armoring for all firewalls, regardless of the vendor. Part of security
is reducing risk at all levels.
--
Lance Spitzner
http://project.honeynet.org
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
