Firewall 1 version 4.1 on Suse, IT WORKS!! :-)))
Dear all, I've just install firewall 1 version 4.1 on Suse 6.4. it works perfectly. THe only thing is that you need to have kernel 2.2.12 installed. may be Check point also delivers newer modules. According their web site it would work up to and including kernel 2.2.13. By the way the rpm packages are originally made for Red Hat. But it still works perfectly on Suse. the only down side is that the is now Linux client for Firewall one. Only a windows client that is free of charge and a Motif client for Solaris that costs and US$ 2000,-. I hope that suse will work together with Checkpoint so that there also will be a officially supported client for Suse Linux. By the way, you need to install kernel 2.2.12 from ftp.xx.kernel.com because 2.2.12 of Suse (rpm package) doesn't compile on Suse 6.4 . Regards, Joop Boonen. www.checkpoint.com
Joop Boonen wrote:
I've just install firewall 1 version 4.1 on Suse 6.4. it works perfectly. THe only thing is that you need to have kernel 2.2.12 installed. may be Check point also delivers newer modules. According their web site it would work up to and including kernel 2.2.13.
<<snip>>
By the way, you need to install kernel 2.2.12 from ftp.xx.kernel.com because 2.2.12 of Suse (rpm package) doesn't compile on Suse 6.4 .
Regards,
Joop Boonen.
www.checkpoint.com
I really dislike this shameless plug because of : - firewall 1 is closed source and so not trustworthy, - as history shows on Bugtraq firewall 1 is insecure, - kernel 2.2.12 (and many others in the 2.2.x serie) are insecure, - the 2.2.12 kernel from ftp.xx.kernel.com doesn't contain the SuSE patches, - and so on. If you do not trust ipchains and Linux you might consider to audit the sources or to use OpenBSD instead. Have a look at The Linux Kernel Auditing Project (http://lkap.org/). I hope that the message of Joop Boonen is not an example for other suppliers :-(. The message is even hard to understand, does "the only down side is that the is now Linux client for Firewall one" means "`that there is not" ? No need to answer this question as it is not important at all. Regards, Fred Mobach
Fred Mobach wrote:
Joop Boonen wrote:
I've just install firewall 1 version 4.1 on Suse 6.4. it works perfectly. THe only thing is that you need to have kernel 2.2.12 installed. may be Check point also delivers newer modules. According their web site it would work up to and including kernel 2.2.13.
<<snip>>
By the way, you need to install kernel 2.2.12 from ftp.xx.kernel.com because 2.2.12 of Suse (rpm package) doesn't compile on Suse 6.4 .
Regards,
Joop Boonen.
www.checkpoint.com
I really dislike this shameless plug because of : - firewall 1 is closed source and so not trustworthy, - as history shows on Bugtraq firewall 1 is insecure, - kernel 2.2.12 (and many others in the 2.2.x serie) are insecure, - the 2.2.12 kernel from ftp.xx.kernel.com doesn't contain the SuSE patches, - and so on. If you do not trust ipchains and Linux you might consider to audit the sources or to use OpenBSD instead. Have a look at The Linux Kernel Auditing Project (http://lkap.org/).
I hope that the message of Joop Boonen is not an example for other suppliers :-(. The message is even hard to understand, does "the only down side is that the is now Linux client for Firewall one" means "`that there is not" ? No need to answer this question as it is not important at all.
Regards,
Fred Mobach
Dear all, By the way I'm not a supplier. I think it's a very good that Linux also gets commercial products. The thing is that for now Linux doesn't yet have a open source firewall that compete with Firewall 1. Companies prefer to have supported products. Hopefully we will have an open source supported firewall soon. Like the falcon project. http://falcon.naw.de/ The Linux firewall 1 solution might be the cheaper 'unix like' solution. And the solution in comparison to windows NT. By the way Firewall 1 has about 70% of the firewall market. Regards, Joop. Can you please give me the link for: Bugtraq . By the way this email was just to share information with people.
Dear all,
By the way I'm not a supplier.
Whatever. You seriously broke rules of etiquette. Kernel 2.2.12 has so many holes I'd need to hire a group of people to shake sticks at them.
I think it's a very good that Linux also gets commercial products. The thing is that for now Linux doesn't yet have a open source firewall that compete with Firewall 1. Companies prefer to have supported products. Hopefully we will have an open source supported firewall soon. Like the falcon project. http://falcon.naw.de/
Yes it does. 2.4.0 which will be out shortly has most of the features Firewall has with the exception of a few higher end features. If you want commercial firewalls for Linux there are several, all IMNHO superior to firewall 1. http://www.securityportal.com/lasg/firewall/ lists several.
The Linux firewall 1 solution might be the cheaper 'unix like' solution. And the solution in comparison to windows NT.
By the way Firewall 1 has about 70% of the firewall market.
Windows has 90% of the Desktop market. Only ~100 million people in the world speak german (I'm one of them), yet 1+ billion people speak chinese, geee, german must be inferior!
Regards,
Joop.
Can you please give me the link for: Bugtraq .
So you can spam them to? Aleph will eat you for breakfast =). www.securityfocus.com.
By the way this email was just to share information with people.
Thanks but no thanks. You sir are a fool. -Kurt (who's cranky cause he just finished a 38k weekly linux security digest and it still ain't done).
Joop Boonen wrote:
Fred Mobach wrote:
I really dislike this shameless plug because of :
<<snip>>
I hope that the message of Joop Boonen is not an example for other suppliers :-(.
I think it's a very good that Linux also gets commercial products. The thing is that for now Linux doesn't yet have a open source firewall that compete with Firewall 1. Companies prefer to have supported products. Hopefully we will have an open source supported firewall soon. Like the falcon project. http://falcon.naw.de/
I won't argue with you on commercial products for Linux but I will argue with you on closed source products in the security area. No need to believe me but then you has first to read some papers related to this security aspect. Since when are you unable to find support for open source products ? I am sure that also in your area that support is available. If you want I can give you information by *private* mail. The kind of support however is propably different from what you are used to, you are not requested to reboot or to reinstall ;-). No need to expand on what Kurt Seifried contributed regarding commercial products and kernel 2.4.x functionality. Thank you, Kurt :-).
The Linux firewall 1 solution might be the cheaper 'unix like' solution. And the solution in comparison to windows NT.
If you are serious on the use of firewall 1 I cannot stop you. But you are for sure on the wrong forum. And the "cheaper unix like" solution doen't say anything about security, it only says something about money. Security has his price. That price doesn't necessary means the price of the software but could better be spend on hiring and training a security officer. A sentence which contains the terms "NT" and "security" should at least also contains the phrase "is not" between those. Anyone who forgets this will get oppression and not only from me.
By the way Firewall 1 has about 70% of the firewall market.
Yes, and what does that means ? Is it your intension to say that most users really do know anything about security ? I am now for 30 years in the IT and always have security in mind. Some of the collegues I meet work in the same way but most of them don't care for security. Do you recognize the expression "password == username" ?
Can you please give me the link for: Bugtraq .
Hey, stop here. You have a security related job and don't read Bugtraq ? Have a look at http://www.securityfocus.com/ and search for forums. Remember what Kurt told you, OK ? Regards, Fred Mobach
participants (3)
-
Fred Mobach -
Joop Boonen -
Kurt Seifried