[67243] in North American Network Operators' Group
RE: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
daemon@ATHENA.MIT.EDU (McBurnett, Jim)
Fri Feb 6 09:51:22 2004
Date: Fri, 6 Feb 2004 09:43:25 -0500
From: "McBurnett, Jim" <jmcburnett@msmgmt.com>
To: "Rubens Kuhl Jr." <rubens@email.com>,
"Steven M. Bellovin" <smb@research.att.com>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
->
->> Why is that bad? I have no objection to giving vendors a reasonable
->> amount of time to fix problems before announcing the whole.=20
-> Or is your
->> point that two days hardly seems like enough time to develop -- and
->> *test* -- a fix?
HMMM,
If I was a real hacker, and I found the problem, might I also know the =
fix?
And if I was really nice, would I give that fix to the vendor?
Or could it be that a former Checkpoint employee is now an ISS employee?
Or .....?
J
