I hope that everybody realizes that a firewall is nothing but a computer with 2 or more interfaces. The most common way to penetrate a firewall is to utilize weaknesses of the underlying OS or other features running on the same H/W. Therefor a firewall normally runs a stripped down version of a stable OS, Solaris and Linux are popular choices. But it's quite possible to write standalone S/W for a PC that even beats the marketleading CheckPoint (Firewall-1) and Cisco (Pix). Have a look at this test:
http://sartryckr.idg.se/art/Brandvag...102001eng.html