Re: Facts, not Fiction
Darren Reed (darrenr cyber.com.au)
Sat, 8 Nov 1997 19:17:45 +1100 (EST)
- Next message: Mike Shaver: "Re: R: New ftp behavior"
- Previous message: Darren Reed: "Re: FIN Scanning through all kind of packet-filtering firewalls?"
- Next in thread: Bennett Todd: "Re: Facts, not Fiction"
In some mail I received from Marcus J. Ranum, sie wrote
[...]
> >That is: Even though the setup was flawless, is there a known DOS-Attack
> >against these systems, can they be manipulated or do they pass data they
> >are not supposed to pass etc?
>
> Denial of service attacks have been known to work on several
> of the proxy type firewalls (which usually rely more on the
> vendor's provided IP stack) -- but just about *ANYTHING* seems
> to be vulnerable to some sort of denial of service attack. The
> more interesting problems are the ones where the firewall
> may start to pass data it's not supposed to -- those are less
> common bugs but they have happened as well.

An interesting one I was told about with FW-1 was with their remote
log monitoring. If you connected from a remote location, i.e. over
the Internet, to the workstation to examine logs, the logging would
fall over in a heap and not restart until you were able to do it from
the console (or wherever you need to be to do that). Whilst not a
DOS, per se, if an unfriendly were to do that, you'd be without any
sort of log information...

Darren
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:48 CDT