Re: [fw-wiz] AltaVista Firewall
From: Matthew J. Harmon (mjh_at_itys.net)
To: Bruce Platt <Bruce@ei3.com> Date: Wed, 09 Jun 2004 19:15:15 -0500
Thank you for the in depth email, the files in the follow-up email are
great, thank you!
Additional reply inline:
Bruce Platt wrote:
> Previous posters are correct, this was sold to Axent and a maintenance
> release named Raptor-EC was issued four or five years ago.
> I worked on a few of the original versions on both Win/NT and Digital Unix
> in the '97 and '98 timeframe.
> Also correct is the statement that your client should get off of this and
> onto something more modern as soon as possible.
Already in the works.
> As far as set up and management is concerned: (and I am going only from
> hazy memory)
> 1. Through a web-browser running as part of the fw software.
An early version of netscape.
> 2. Application layer proxies for http, smtp, finger, etc. One feature of
> the smtp proxy is that it holds the mail if the internet net smtp server
> goes off the air. Packet Filtering capabilities as well.
From what I've heard from other engineers, the configuration is quite
similar (in practice, and in effect) to modifying /etc/inetd.conf and
commenting out services?
> 3. None of the modern features we have come to expect. ( :-) ). There is
> little inspection of the application traffic running through the proxy, no
> ability to do things like implement rbl checks, etc.
> 4. All configuration information is saved in text files (I am sure about
> this on the Unix version, and I think this is so on the Win/NT version.)
> So, you can look for "config" files in the likely place (the install
> directory of the sw), and look around in them. I would stay away from
> messing with them outside of the browser UI
One of the reasons I'm looking for so much detailed information is
automating the configuration process.
> I have a copy of the documentation which I will send to Matthew under
> separate cover. He can provide it to others if he chooses
> As an interesting historical note. The AltaVista Firewall product grew from
> work which was originally done at DEC by Marcus Ranum and a few others when
> he worked with Fred Avolio back in the late 80's and early 90's. I had the
> pleasure of knowing them then. They had the vision to know that the
> marketplace needed a "real" firewall product. So, they and a few others
> built one. The AltaVista FW product was intended to be an easy to use
> "gadget" which didn't really need the skills of a sophisticated security
> professional to install configure and deploy.
> Digital created an entire product line around the Search Engine, the
> Firewall, and some other things, pieces of which were sold off as the
> Company required cash to keep running after serious management blunders in
> the 90's and before it was acquired by Compaq.
Thanks for the information.
> Bruce B. Platt, Ph.D.
>>From: Matthew J. Harmon [mailto:firstname.lastname@example.org]
>>Sent: Tuesday, June 08, 2004 10:50 PM
>>Subject: [fw-wiz] AltaVista Firewall
>>I recently entered an client engagement and they are using
>>Firewall (migrating away, but still need support). About
>>five years ago
>>I very briefly worked with this product (Digital ->
>>Compaq/HP) which now
>>appears to have no support, the digital.com website for their
>>(altavista.software.digital.com) is gone, the compaq website only has
>>product information (no technical documentation) and the support tech
>>(last ditch effort!) I talked to argued with me for ten minutes about
>>how AltaVista is a search engine and not a firewall.
>>So far, my only luck has been the wayback machine, which has even
>>provided me little information.
>>At this point, I am tossing myself at the mercy of those who may have
>>experience with this firewall and perhaps documentation saved around
>>somewhere? Or even a quick write up would be great. With
>>will make a quick AltaVista Firewall 101 FAQ.
>>Thanks for any help you can provide!
>>firewall-wizards mailing list
firewall-wizards mailing list