Re: [fw-wiz] Antivirus on a free UN*X (Linux/*BSD) platform

From: Stephane Nasdrovisky (stephane.nasdrovisky@uniway.be)
Date: 01/08/03


From: "Stephane Nasdrovisky" <stephane.nasdrovisky@uniway.be>
To: Bojan.Zdrnja@FER.hr
Date: Wed Jan  8 09:39:14 2003


> slightly off topic, is there any firewall besides checkpoint that uses
> this 'industry standard' CVP? (last time I looked a couple years ago there
> was not)

I don't known any firewall sucessfully using cvp, including checkpoint's fw-1.
CVP is a firewall-1 well known dos vulnerability known as nightmare. In one word:
marketing bullshit. My opinion is that smtp should be scanned at a mail relay
level (which most 'gateway' antivirus software do) and http/https should be
scanned at a proxy (which most 'gateway' antivirus software do).

> going all the way back to the FWTK smap that puts the incoming main as a



Relevant Pages