On Mon, 2004-08-09 at 13:03, Antony Stone wrote: > On Monday 09 August 2004 5:48 pm, Mike O wrote: > > > John, > > > > Would you mind elaborating on your comment about Netfilter's stateful > > engine being weaker than Checkpoint's? and how would the window tracking > > patch make it more secure. We have checkpoint here and have ran into > > problems, where checkpoint has limited us in the way we do things here and > > I have always wanted to implement netfilter but couldn't because it's open > > source. > > Why couldn't you implement netfilter "because it's open source"? > > Do you know someone who has a plausible argument saying that open source > software is lower quality or less secure than commercial closed-source > software (or is someone simply living under the illusion that if something > goes wrong with their FW-1 firewall, they can sue Check Point, haha) ? > > I'm very interested in any meaningful rationale for saying "we won't use it > because it's open source". I could understand if the argument was "we won't > use it because it doesn't meet our needs", but that's a different argument. > > Regards, > > Antony. The "sue" argument is, sadly, very powerful among those who do corporate risk assessment :-( (financial risk - not security risk) -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
