Re: Firewall Informer
On Sun, Feb 23, 2003 at 05:47:18PM -0000, Matt Foster wrote:
Glad to see this wasn't just fire & forget SPAM.
It still seems pretty off topic for this list.
Your screen shot sure looks like a M$ application, does this thing run
natively on Debian?
> Just to let you know Firewall Informer transmits network traffic
Scary name. It conjures images of seedy double-agents "informing" on
> between two network cards on a standard windows PC, this allows it to
Ah, a "standard windows PC". I assume the Informer won't run on a
standard UNIX PC then?
> replay a true client / server stateful conversation specifying any
So, it can record and replay network conversation?
> source and destination IP addresses and port information, using any
> point to point protocol. This testing is performed without protocols
Does this mean the Informer can only deal with PPP? That seems somewhat
limited? According to this;
"PPP is capable of operating across any DTE/DCE interface."
I'm not sure if a standard PC network card counts as a DTE/DCE
interface. However, according to this document I guess you could use
the AUI port.
> bound to either interface. This allows any inline packet filtering
> device to be tested to accurately to prove what can get through and
> what it blocked. Due to the configuration, testing can be performed
> bi-directionally allowing for an "outside in & inside out" view.
If I am interpreting your diagrams correctly it would seem that your
device "short circuits" the firewall?
Your page states;
"Under normal circumstances connecting a single device into both sides
of a firewall would constitute a significant risk and one that typically
would not be allowed. We negate that problem thanks to our ability to
send and receive packets without the need for protocols to be bound to
So, I am to trust your engineer's ability to build a bugless secure
> Currently the application is being used by both government, corporate
> and consulting organizations.
I don't really consider governmental use to be a resounding
recommendation. After all the US military standardized on Windows NT
demonstrating that robustness and security are not a primary concern in
Also, www.blade-software.com resolves to;
www.blade-software.com CNAME sub.hosting.ntl.com
sub.hosting.ntl.com A 18.104.22.168
Whilst, blade-software.com resolves to the same IP
blade-software.com A 22.214.171.124
However, if you go to http://blade-software.com/ your service provider's
virtual domain for this resolves to their home page. Probably not what
If you feel any of this was useful you can send some resources my way
via this page. http://parvu.net/support.html
P.S. Any chance you could set the line wrap on your email client to
something reasonable like 80 characters?
Ted Parvu <email@example.com> http://parvu.net