After Cisco (CSCO) picked up Network Translation Inc. back in 1995 it now has, or tried to, quietly release an EOS (end of sale) announcement for its PIX products. Namely,
Q. What products are covered by this end-of-sale (EOS) announcement?
A. This EOS announcement covers all Cisco PIX security appliances, software, accessories, and licenses. Products include Cisco PIX 501, PIX 506E, PIX 515E, PIX 525, and PIX 535 systems and spares; Cisco PIX Software Releases 6.2, 6.3, 7.0, 7.1, 7.2, and 8.0; and all accessory items such as power supplies, I/O cards, memory upgrade kits, VPN Accelerator Card Plus (VAC+) cards, and software licenses.
This has not gone unnoticed. The folks from Astaro pounced on the opportunity.
From Network World:
So far, the Linux platform based Unified Threat Management (UTM) solution vendor Astaro, has been the only competitor to address the Cisco PIX end-of-sale notice by announcing its Upgrade Your Cisco PIX trade-in program.
Over 100,000 IT administrators entrust their network with security appliances from Astaro.
The Astaro trade-in program offers Cisco PIX users 20% off the list price on all Astaro hardware, software and maintenance for 3 or 5 year agreements, with the return of a Cisco PIX firewall appliance.
Nice deal. Read on.
Article Link
Astaro Upgrade Offer
Tags: Astaro, PIX EOS, PIX End Of Sale, Astaro PIX Trade In
I managed to upgrade my MacBook to Leopard over the weekend. It was a dirt simple process. But, as with any upgrade there are bound to be problems. First and foremost is the problem with Check Point not having a SecureClient version ready for the new OS. It’s not like they didn’t have a clue it was coming after all. The second problem that I had was with my beloved Gimpshop application. It keeps bailing out on me with an unrecoverable error. Pisser. But, Myrcurial pointed me to an app called Seashore that does the trick.
Now, the part that I found irksome was with regards to the firewall in Leopard. It, as you have probably heard a few times by now, it is open by default.
Not smart.
Well, after I fixed that little mess I read this from Computer World:
If the user has set the firewall to “Set access…” and runs Skype, the icon will bounce a time or two on the dock, but not load. Nor does Leopard tell the user that Skype has failed or why it won’t launch. Only the Mac OS X Console gives a clue, with a message such as: 11/2/07 9:47:51 AM [0x0-0x35035].com.skype.skype[399] Check 1 failed. Can’t run Skype
“You can fix this by reinstalling Skype,” said Mogull, “and it will work until the next time it’s run. Then you have to reinstall Skype again. That’s a bit of a problem.”
Strange thing about that. I don’t have a problem with Skype. It works just fine.
Odd.
Tags: Leopard Firewall, OS X 10.5, OS X Firewall
Whoa, I’m finding this an interesting read from Heise. Apparently there are some buffer overflows in Checkpoint Firewall 1. The testers in question didn’t even have to resort to the use of fuzzers. The version as tested was R60.
From Heise:
Spanish security specialists Pentest have published a vulnerability analysis of Checkpoint’s Firewall-1 flagship product, in which they express doubts about the certification of the vendor’s Secure Platform R60 according to Common Criteria EAL4+. Their analysis has revealed several buffer overflows in command line utilities, which, in their opinion, should not have passed a reliable development cycle. While the experts were only able to exploit the vulnerabilities locally, they do not exclude the possibility of remote exploitation for the purpose of compromising systems.
According to Pentest, they have not even used fuzzing tools for their tests, but have simply used manipulated arguments to cause a buffer overflow in the programs; this does not comply with the vendor’s description of the relevant target of evaluation (TOE), i.e. the platform to be evaluated.
So my question is a simple one. How did this go undiscovered until now?
Tags: Checkpoint Firewall 1, Buffer Overflow, Checkpoint Exploits
In Check Point’s never ending quest to rule the security world, they announced today their IPS solution. Check Point is a world leader in firewall technology. They have recently made a great number of purchases, such as encryption provider PointSec, which I think were brilliant moves on their part.
Today’s announcement heralds the “what-could-have-been” for the failed Sourcefire purchase. I firmly believe that the blocking of this purchase by the Committee on Foreign Investments was political payback for their refusal to open their source code. A sad result.
With this addition to the Check Point arsenal we will see a greater push to the “one vendor to rule them all” approach that was talked about at the RSA Conference 2007 in San Francisco. The solution, a rebranded NFR, extends Check Point into yet another aspect of the security market that they had not really been in prior. I see Check Point as a provider that can deliver a lot of great products. Their firewall is rock solid. Mind you, the SMTP queue on the firewall is for shit. But, by and large this company has itself on a positive path.
Now, if they could just get their licensing models unf*cked.
Tags: Check Point, IPS-1, Intrusion Prevention, IDS, NFR
Well, seeing as how this is right up the alley here at Liquidmatrix.org I thought I would share it with the readers. Engadget has a piece on how to build a network firewall. Enjoy.
Network appliances don’t always offer all the firewalling features a user needs — you know, the advanced port blocking and security procedures we’d like to keep our little home network fiefdoms secure. In today’s How-To we’ll show you how to build a firewall out of an old PC with a live Linux CD and some spare ethernet cards. It’s the perfect use for that machine with the dead hard drive (or no hard drive at all).For this How-To you’ll need:
* A suitable PC, with a CD-ROM and USB port – we suggest a Pentium II
* At least two Ethernet ports (onboard + a second card or similar)
* A blank CD-R to burn the system CD
* USB thumb drive, floppy disk or hard drive.
…and of course a pound of advil and super absorbant paper towels. You’ll know when it happens.
Tags: Engadget, Network Firewall, Firewall, How to, Linux
For you Checkpoint users out there. There is now a SmartDefense update to managed this problem. This one of there better features available in the FW1 stable. I refer to this often as the “buying time” feature. 
Oracle Reports is an enterprise reporting tool that extracts data from multiple sources and inserts it into a formatted report. Oracle Reports fails to validate URI parameters, possibly allowing a remote attacker to read arbitrary files on the Reports Server.
Tags: Checkpoint, FW1, Oracle
Hey folks. Just wanted to let you all know that I’ll be presenting at the Checkpoint User group in Toronto on May 12th. Hope to see you there.
Update: Due to scheduling problems and a communication breakdown I was unable to attend. Pisser that.
Tags: Checkpoint
