OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archive: Re: Penetration testing via shrinkware

Re: Penetration testing via shrinkware

tqbf (ashlandpobox.com)
Mon, 21 Sep 1998 18:34:34 -0400 (EDT)

> True, but the same can be said for firewalls, in that there are always new
> attack mechanisms being developed to defeat firewalls; so in a sense they
> are never complete either. Certification of firewalls is usually

I do not believe this is the case. I think most attacks against firewalls
(attacks designed to subvert the protection provided by firewalls) take
advantage of implementation problems (ie, SYN+FIN ignored) or design
problems (ie, first-fragment filtering). These problems exploit defects in
firewall software; they violate design requirements.

The discovery of the ToolTalk RPC hole last month did not violate a design
goal of CCS or ISS; neither product was designed to detect the problem.
When detection of this vulnerability is built into scanner products,
failure to detect the ttdbserverd overflow will be a defect, in the same
sense as bad fragment filtering is a defect in a firewall.

We're comparing apples to oranges here, though.

-----------------------------------------------------------------------------
Thomas H. Ptacek Network Security Research Team, NAI
-----------------------------------------------------------------------------
                                    "If you're so special, why aren't you dead?"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:47 CDT