[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Nokia question
This is obviously from someone who is just repeating what he has heard on the subject. The Nokia IPSO started life ad FreeBSD that much is true. About 5 years ago while it was still Ipsolon though/ since then the extra crap and fluff has beed removed to produce one of the most streamlined OS's I have ever seen. As far as being vulnerable to exploits, we run the OS's through a very tough testing each time there is new release and have yet to find it vulnerable to exploits. The fact that you cannot even write to the /etc with actually being physically attached kind of reinterates that. The only issue that I have is that the Voyager interface is managed on HTTP. But even that has been handled as far back as 3.1 (current is 3.3). The latest version even supports HTTPS to the interface and can generate an CA request so you can get a proper CA for the box. The "Cisco'ish" interface cannot be further from the truth. The command line interface is Unix plain and simple. No anything else. You are correct however, that it does and can run IGRP and BGP4 and it is licensed from Cisco. Nokia recognizes, as the rest of the world, that Cisco is the leader in IGRP and BGP4 communications. just my opinions Tim Cullen CCSA, CCSE --- Jon Vandiveer <[email protected]> wrote: > > Nokia IPSO , at last published documentation, > utilizes FreeBSD 2.2.6 as the > base. > A Steven points out, it has been completely > overhauled and has a heavily > modified kernel. (it still does suffer from some of > the exploits that exist > in FreeBSD, hopefully IPSO 3.3 will patchup some of > the underlying security > holes) > > Not only does it offer a Cisco IOS'ish feel to some > of the command line > syntax, it also runs gated with IGRP and BGP4, > licensed from Cisco. > > But I am sure PhoneBoy could correct me on some of > these statements. > > Jon > > > Date: Wed, 6 Dec 2000 09:56:36 -0500 > From: Steven Schuster <[email protected]> > Subject: RE: [FW1] Nokia question > > Short answer: > > The Nokia boxes are running a version of Checkpoint > that has been ported to > their specific OS. Once upon a time, it used to be > a version of BSD, but > the Ipsilon (before Nokia bought them...) Engineers > took it apart and put it > back together specifically designed for running > Firewall-1. It is not > running any Linux compatibility libraries, thus is > not running the Linux > version of Checkpoint. > > > > Steve Schuster, CCSE, CCNA > Midwest ISO > Security Analyst > > > - -----Original Message----- > From: Marco Shaw [mailto:[email protected]] > Sent: Tuesday, December 05, 2000 1:56 PM > To: [email protected] > Subject: [FW1] Nokia question > > > > I believe someone mentioned here mentioned that the > Nokia solution used FW-1 > on a customized version of FreeBSD. > > Does anyone know how this is implemented exactly? > Does the OS have the > Linux compatibility library so it is running the > FW-1 version for Linux? > > Marco > > > > > > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|