Re: [ISN] Check Point boss snipes at Microsoft's security

From: InfoSec News (alerts@private)
Date: Mon Jun 11 2007 - 00:01:04 PDT


Forwarded from: security curmudgeon <jericho (at) attrition.org>

: http://www.techworld.com/security/news/index.cfm?newsID=9058
: 
: By Raphael Fogel
: 
: Check Point's chief executive has taken a swing at rival Microsoft, 
: saying its security products leave a lot to be desired.
: 
: Gil Shwed, also founder of the firewall vendor, made his remarks during 
: a lecture on the global security market, before a group of network 
: security managers at an IDC security conference in Israel.
: 
: "Microsoft has been in the security market for more than ten years. It 
: has firewall, VPN, anti-virus capabilities and disk encryption," Shwed 
: said. "But it doesn't have the leading products in any of them, and 
: apparently, the management and integration levels of its products is 
: unsatisfactory."

Why do security vendors insist on waving their virtual penis like this? 
Check Point, the same vendor with a steady stream of vulnerabilities in 
their enterprise/corporate products since 1998, possibly earlier? The same 
maker of Zone Alarm, their personal firewall that is a "$50-million-a-year 
business" that has had vulnerabilities published since 2000?

: He refrained from mentioning other rivals like Cisco and Juniper. But he 
: did say that security managers at major enterprises don't want to delve 
: into the nuts and bolts of the security systems and components under 
: offer. What they really want is a certificate guaranteeing that the 
: security systems and components meet the regulations.
: 
: They want to know their systems will be safe. They care less how that's 
: achieved.

Meeting regulations and 'being safe' are NOT mutually inclusive.

Check Point Connectra NGX sre/params.php ICS Security Bypass                         Jan 25, 2007
Check Point VPN/Firewall Traversal Arbitrary File Access                             Jul 24, 2006
Check Point VPN-1 SecureClient SR_Watchdog.exe Path Subversion Privilege Escalation  Jan 17, 2006
Check Point Firewall-1 Internal Certificate Authority (ICA) Information Disclosure   Jan 1, 2006
Check Point VPN-1 SecureClient Security Policy Bypass                                Dec 7, 2005
Check Point NGX R60 CIFS Rule Packet Verification Failure                            Sep 7, 2005
Check Point VPN-1 SecuRemote/SecureClient Registry Information Disclosure            Jul 20, 2005
[..]

ZoneAlarm Pro vsdatant Driver Local DoS                                                       May 1, 2007
ZoneAlarm Spyware Removal Engine (SRE) srescan.sys IOCTL Handling Local Privilege Escalation  Apr 20, 2007
ZoneAlarm vsdatant.sys Hooked SSDT Function Local Privilege Escalation                        Apr 15, 2007
ZoneAlarm VETFDDNT\Enum Registry Key Multiple Function DoS                                    Jul 1, 2006
ZoneAlarm Security Suite VSMON.exe Path Subversion Local Privilege Escalation                 Mar 8, 2006
ZoneAlarm ShowHTMLDialog() Outbound Filter Bypass                                             Nov 8, 2005
ZoneAlarm Pro DDE-IPC Method Ruleset Bypass                                                   Sep 29, 2005
ZoneAlarm Vet Anti-Virus Engine Remote Overflow                                               May 23, 2005
ZoneAlarm vsdatant.sys NtConnectPort() Hook Invalid Pointer Dereference Remote DoS            Feb 11, 2005
[..]

