|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David Fernández Madrid (conde0_at_TELEFONICA.NET)
Date: Wed Jan 22 2003 - 13:35:50 CST
Issue : Full access to open udp ports with Sygate Pro 5.0
Vendor status : vendor was contacted but got no response
from them
Description:
Sygate Pro is a personal firewall very easy to configure.No rules
are installed in a default configuration.A default installation pretends
to be enough to block all accesses to your ports.
By default , traffic from udp source port 137 or 138 is allowed by
the firewall , so to bypass it you just have to set your source port
to 137 or 138.Doing this all packets addressed to an open udp port
will be forwarded by the firewall
Attack :
nmap -vv -P0 -sU 192.168.0.1 -g 137
Recommendation :
Set a rule to block all incoming udp traffic with source
port 137 and 138
Regards,
David Fernandez Madrid,
Madrid,Spain
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by TruSecure Corporation
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
TICSA - Anniversary Special - Limited Time
Become TICSA certified for just $221.25 US when you register before 3/31/03
with PROMO "TS0103" at www.2test.com. NO membership fees, certification
good for 2 years. Price for international delivery just $296.25 US, with
this offer. Offer cannot be combined with any other special and expires
3/31/03. Visit www.trusecure.com/ticsa for full details.
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]