Re: Ambiguities in TCP/IP - firewall bypassing
From: daw () mozart cs berkeley edu (David Wagner)
Date: 19 Oct 2002 00:18:50 GMT

Paul Starzetz wrote:
> We believe that the flaws we have detected have a big impact on
> design of firewalls and packet filters since an improper implementation
> can easily lead to serious security problems.

Is there any reason to expect that such improper implementation
would be common?

As far as I know, the common case is packet filters that look at
only the ACK and SYN bits. A typical configuration: All incoming
packets with the ACK bit set are allowed, as are all outgoing packets.
The anomalies you found don't seem to pose any problems for such a
style of configuration.

Are you aware of any common configurations that are at risk?
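
The stateless rule described in the message above (all outgoing packets allowed, incoming packets allowed only with the ACK bit set), as an added example that is not part of the original post. It reads the flag byte from a raw TCP header and evaluates every flag combination; the function names, ports and sample segments are constructed for illustration.

```python
import struct

# TCP flag bits, carried in byte 13 of the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def tcp_flags(segment: bytes) -> int:
    """Return the six classic flag bits of a TCP segment."""
    if len(segment) < 20:  # minimum TCP header length
        raise ValueError("truncated TCP header")
    return segment[13] & 0x3F


def verdict(direction: str, segment: bytes) -> str:
    """Apply the rule from the message: outbound always passes,
    inbound passes only when the ACK bit is set."""
    if direction == "out":
        return "allow"
    try:
        flags = tcp_flags(segment)
    except ValueError:
        return "drop"  # fail closed on a header we cannot parse
    return "allow" if flags & ACK else "drop"


def make_segment(flags: int, sport: int = 40000, dport: int = 80) -> bytes:
    """Build a 20-byte TCP header (constructed sample, checksum left at 0)."""
    # sport, dport, seq, ack, data offset (5 words), flags, window, checksum, urgent
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, flags, 8192, 0, 0)


def inbound_allowed_flag_sets() -> list:
    """Every flag combination (0..63) that the rule passes inbound."""
    return [f for f in range(0x40) if verdict("in", make_segment(f)) == "allow"]


if __name__ == "__main__":
    allowed = inbound_allowed_flag_sets()
    print(len(allowed), "of 64 inbound flag combinations pass")
    for name, f in [("SYN", SYN), ("SYN|FIN", SYN | FIN), ("SYN|RST", SYN | RST),
                    ("SYN|ACK", SYN | ACK), ("ACK", ACK)]:
        print(f"{name:8s} inbound -> {verdict('in', make_segment(f))}")
```

Because the rule keys on the ACK bit alone, no combination of the other flags changes the inbound verdict, and an inbound segment with ACK set is passed to the host's stack whether or not it belongs to an existing connection.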