Re: [fw-wiz] AltaVista Firewall

From: Matthew J. Harmon (mjh_at_itys.net)
Date: 06/10/04

  • Next message: DCSIM Subscriptions (IA): "RE: [fw-wiz] VLAN Security" 
    To: Bruce Platt <Bruce@ei3.com>
Date: Wed, 09 Jun 2004 19:15:15 -0500

    Thank you for the in depth email, the files in the follow-up email are
    great, thank you!

    Additional reply inline:

    Bruce Platt wrote:

    > Previous posters are correct, this was sold to Axent and a maintenance
    > release named Raptor-EC was issued four or five years ago.
    >
    > I worked on a few of the original versions on both Win/NT and Digital Unix
    > in the '97 and '98 timeframe.
    >
    > Also correct is the statement that your client should get off of this and
    > onto something more modern as soon as possible.

    Already in the works.

    > As far as set up and management is concerned: (and I am going only from
    > hazy memory)
    >
    > 1. Through a web-browser running as part of the fw software.

    An early version of netscape.

    > 2. Application layer proxies for http, smtp, finger, etc. One feature of
    > the smtp proxy is that it holds the mail if the internet net smtp server
    > goes off the air. Packet Filtering capabilities as well.

     From what I've heard from other engineers, the configuration is quite
    similar (in practice, and in effect) to modifying /etc/inetd.conf and
    commenting out services?

    > 3. None of the modern features we have come to expect. ( :-) ). There is
    > little inspection of the application traffic running through the proxy, no
    > ability to do things like implement rbl checks, etc.
    > 4. All configuration information is saved in text files (I am sure about
    > this on the Unix version, and I think this is so on the Win/NT version.)
    > So, you can look for "config" files in the likely place (the install
    > directory of the sw), and look around in them. I would stay away from
    > messing with them outside of the browser UI

    One of the reasons I'm looking for so much detailed information is
    automating the configuration process.

    > I have a copy of the documentation which I will send to Matthew under
    > separate cover. He can provide it to others if he chooses

    In the process of revamping my website (http://itys.net/) however I will
    make these available shortly under http://itys.net/infosec/

    > As an interesting historical note. The AltaVista Firewall product grew from
    > work which was originally done at DEC by Marcus Ranum and a few others when
    > he worked with Fred Avolio back in the late 80's and early 90's. I had the
    > pleasure of knowing them then. They had the vision to know that the
    > marketplace needed a "real" firewall product. So, they and a few others
    > built one. The AltaVista FW product was intended to be an easy to use
    > "gadget" which didn't really need the skills of a sophisticated security
    > professional to install configure and deploy.
    >
    > Digital created an entire product line around the Search Engine, the
    > Firewall, and some other things, pieces of which were sold off as the
    > Company required cash to keep running after serious management blunders in
    > the 90's and before it was acquired by Compaq.

    Thanks for the information.

    >
    > +---------------------------------------+
    > Bruce B. Platt, Ph.D.
    >
    >
    >
    >>-----Original Message-----
    >>From: Matthew J. Harmon [mailto:mjh@itys.net]
    >>Sent: Tuesday, June 08, 2004 10:50 PM
    >>To: firewall-wizards@honor.icsalabs.com
    >>Subject: [fw-wiz] AltaVista Firewall
    >>
    >>
    >>I recently entered an client engagement and they are using
    >>the AltaVista
    >>Firewall (migrating away, but still need support). About
    >>five years ago
    >>I very briefly worked with this product (Digital ->
    >>Compaq/HP) which now
    >>appears to have no support, the digital.com website for their
    >>software
    >>(altavista.software.digital.com) is gone, the compaq website only has
    >>product information (no technical documentation) and the support tech
    >>(last ditch effort!) I talked to argued with me for ten minutes about
    >>how AltaVista is a search engine and not a firewall.
    >>
    >>So far, my only luck has been the wayback machine, which has even
    >>provided me little information.
    >>
    >>At this point, I am tossing myself at the mercy of those who may have
    >>experience with this firewall and perhaps documentation saved around
    >>somewhere? Or even a quick write up would be great. With
    >>permission, I
    >>will make a quick AltaVista Firewall 101 FAQ.
    >>
    >>Thanks for any help you can provide!
    >>
    >>-Matthew
    >>_______________________________________________
    >>firewall-wizards mailing list
    >>firewall-wizards@honor.icsalabs.com
    >>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >>
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: DCSIM Subscriptions (IA): "RE: [fw-wiz] VLAN Security"

    Relevant Pages

    • RE: [fw-wiz] AltaVista Firewall
      ... this was sold to Axent and a maintenance ... marketplace needed a "real" firewall product. ... The AltaVista FW product was intended to be an easy to use ... > Firewall (migrating away, but still need support). ...
      (Firewall-Wizards)
    • RE: [fw-wiz] AltaVista Firewall
      ... The server must run on Windows NT 4; the client has ... > Firewall (migrating away, but still need support). ... > how AltaVista is a search engine and not a firewall. ...
      (Firewall-Wizards)
    • [fw-wiz] AltaVista Firewall
      ... I recently entered an client engagement and they are using the AltaVista ... Firewall (migrating away, but still need support). ... product information (no technical documentation) and the support tech ...
      (Firewall-Wizards)