nuqneH,

Though i think people who buy Checkpoint stuff are somehow non-representative
(i think if one tried that with, say, Cyberguard, we'd see completely
different picture) the results are still scary. Damn scary. That means 80%
firewalls could be thrown off with no further harm to security.

On Wed, Jan 25, 2006 at 05:32:49PM +0200, Avishai Wool wrote:
> Paul didn't say where he got that tidbit from (and 87.3% of all statistics
> are made up anyway :-) but if you want some hard numbers to back up
> the spirit of his claim, you can check out:
>
> A. Wool. A quantitative study of firewall configuration errors.
> IEEE Computer, 37(6):62-67, 2004.
> http://www.eng.tau.ac.il/~yash/computer2004.pdf
>
> Cheers
> Avishai
> --
> Avishai Wool, Ph.D.,
> Chief Technical Officer, Algorithmic Security Inc.
> http://www.algosec.com
> **** Want to audit or debug your firewall's policy? ***
>
>
> [snip]
>
> > Here's a little tidbit that's about 4 years old now, but ponder it and ask
> > yourself if the IDS is where people *should* be spending their time:
> >
> > Approximately 74% of firewalls are either misconfigured or not configured
> > to block attacks they're capable of blocking in normal operation.
> >
> > Paul
> >

> -----------------------------------------------------------------------------
> > Paul D. Robertson "My statements in this message are personal

> opinions
> > paul@compuwar.net which may have no basis whatsoever in fact."
> > http://fora.compuwar.net Infosec discussion boards
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards@honor.icsalabs.com
> >

> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/li...rewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/li...rewall-wizards