OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: WatchGuard SOHO v2.2.1 DoS
From: Steve Fallin (Steve.FallinWATCHGUARD.COM)
Date: Fri Dec 08 2000 - 18:20:12 CST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On December 1, 2000, members of Securax in Belgium contacted
WatchGuard with details of a Denial of Service attack against our SOHO
class Fireboxes. Securax observed a low resource condition on the SOHO
that may lead to a system failure when a large number of web page
requests are sent to the management (HTTP) server on the SOHO itself.
The typical and recommended configuration for the SOHO is that these
pages only be available from the trusted network.

We are in contact with Securax and are trying to reproduce the
symptoms that they observed. Once the problem has been characterized
and resolved, WatchGuard will distribute the resolution to its
customers and post a notice
of resolution to this forum. If you have any information that may be
pertinent to this investigation, please forward it to
mailto:steve.fallinwatchguard.com

Sincerely

Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2

iQA/AwUBOjF7YU3Vi9lbkWzpEQKulQCg8+8pEu2pAdqeIGQK+/K/jSRXgk0Ani7S
h53u+KNYDMVLl5HePdQLG4Q7
=xiCV
-----END PGP SIGNATURE-----