Re: [fw-wiz] RE: Firewall Utilization

From: Balazs Scheidler (bazsi@balabit.hu)
Date: 10/16/02

• Next message: Philip J. Koenig: "Re: [fw-wiz] CERT vulnerability note VU# 539363"
• Previous message: Stephen Gill: "RE: [fw-wiz] CERT vulnerability note VU# 539363"
• In reply to: Achim Dreyer: "Re: [fw-wiz] RE: Firewall Utilization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Balazs Scheidler <bazsi@balabit.hu>
To: Achim Dreyer <adreyer@math.uni-paderborn.de>
Date: Wed Oct 16 14:34:47 2002

On Wed, Oct 16, 2002 at 06:59:42PM +0200, Achim Dreyer wrote:
> On Wed, 16 Oct 2002, Zill, Greg wrote:
>
> > Date: Wed, 16 Oct 2002 09:55:42 -0500
> > From: "Zill, Greg" <Greg.Zill@owh.com>
> > To: firewall-wizards@honor.icsalabs.com
> > Subject: [fw-wiz] RE: Firewall Utilization
> >
> > Sun e250 with Solaris 2.7
> > Raptor 6.5.3sp1
> > dual 368 CPU, 512 RAM, 1024 swap, 18Gb SCSI
> > two bonded t-1 lines
> >
> > uptime common: 0.05 0.05 0.05
>
> .. these are usually load averages for user space processes. The load
> average can at best be an indicator that something is terribly wrong.
> You should never trust them.
>
> All major firewall implementations work at kernel level, so these are not
> accounted for with the load level! If you want to see what the kernel is
> doing go for kernel optimisation tools..

Raptor is an application level proxy firewall, which run in userspace. So
load avg using Raptor _IS_ impportant.

All major proxy firewall implementations run in userspace.

ps: sigh, if people knew the difference between firewalls and firewalls...
we'd live in a less dangerous world.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1

---

• Next message: Philip J. Koenig: "Re: [fw-wiz] CERT vulnerability note VU# 539363"
• Previous message: Stephen Gill: "RE: [fw-wiz] CERT vulnerability note VU# 539363"
• In reply to: Achim Dreyer: "Re: [fw-wiz] RE: Firewall Utilization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Linux doesnt boot up - Firewire issue ... So are you saying that the 1394 modules fail to load, ... freezes when they attempt to load at boot time? ... > kernel parameter... ... > reinstalling without a firewall, ... (Fedora) RE: 66 running processes? ... Win XP, a firewall and an AV and about seven background utilities, and with ... want it to load right from boot up, or could you take it off the load list ... Stopping programs you use loading early is only likely to make much ... (microsoft.public.windowsxp.perform_maintain) Re: Microsoft websites are inaccessible ... can not get well formed pages to load at msdn2.microsoft.com nor can I ... When did my firewall learn to discriminate? ... msdn2 using the search results... ... the router. ... (comp.security.firewalls) Re: Weird problem with a Raptor. ... Raptor firewalls load balenced with Stonesofts Fullcluster, ... was that as the load on firewall A neared overload, ... Check the BigIP configurations and check the amount of load on each web server ... I am troubleshooting a problem with a Raptor firewall. ... (comp.security.firewalls) Re: Microsoft websites are inaccessible ... clintonG wrote: ... I've heard all kinds of assumptions suggesting local cache problems to my firewall. ... A helpful guy finally responded stating he and others resolves similar problems by disabling dynamic DNS on the firewall but the Road Runner ISP requires dynamic DNS to be selected on the router. ... If you care to try to do a Google search such as the following and then try to load several pagefrom msdn2 using the search results... ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)