> -----Original Message----- > From: Larry Pingree [SMTP:larryp@secure-it.net] > > A problem exists in the Firewall-1 3.0b Session Agent > > All communications from the Firewall-1 Module to the session agent are > non-encrypted. Thus also allowing these communication to be snooped for > usernames and passwords. I think it's worth noting that Checkpoint states that the included Session Agent is a 'demo' and not officially supported. The real problem is the protocol they have defined. Even if you attempt to write a secure version it wouldn't interoperate with the firewall. Brooke
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:43 PDT