[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] PIX vs CheckPoint
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] PIX vs CheckPoint
- From: John Kinsella <jlk@xxxxxxxxxxxxxx>
- Date: Tue, 29 Jun 2004 14:34:53 -0700
On Tue, Jun 29, 2004 at 01:46:30PM -0700, Eric Paynter wrote:
> On Tue, June 29, 2004 11:59 am, James Patterson Wicks said:
> > CheckPoint's interface is very intuitive and easy to use.
> Easy to use in a "Microsoft" kind of way. Last I heard, it does nice
> things for you like always allow DNS traffic through, even if you have no
> port 53 rule and a deny all policy. How helpful!
Sounds like somebody needs to learn how to run FW-1. There's several
"implied" rules which are set from Global Properties, and are only
displayed/logged if you specity to display/log implied rules.
John
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html