Firewall Wizards: RE: port 256/257 and firewall-1

[Scott Blake <blake () netegrity com>]

As I said, limited testing.  I've tested out of band data and a few fuzz
tests.  FW-1 appears to simply ignore everything that isn't strictly
what it wants.  Clearly, I don't have the definitive answer on this
subject.  Perhaps someone with more time could take this ball and report
their results?

-s

Scott Blake, Network Security Architect
Netegrity, Inc.
blake () security com

> -----Original Message-----
> From: Paul D. Robertson [SMTP:proberts () clark net]
> Sent: Thursday, October 23, 1997 9:23 AM
> To:   Scott Blake
> Cc:   firewall-wizards () nfr net
> Subject:      RE: port 256/257 and firewall-1
>
> On Wed, 22 Oct 1997, Scott Blake wrote:
>
> > they appear to be reasonably safe against DoS attacks (I'd love to
> hear
>
> Can you define what sorts of DoS attacks you've tried?  
>
> eg:
>
> Fragmented packets with missing fragments
> Packets sourced from loopback
> Extremely large packets
> Extremely small packets
> Floods
> Broadcasts
> /dev/random payloads
> etc....
>
> Thanks,
>
> Paul
> ----------------------------------------------------------------------
> -------
> Paul D. Robertson      "My statements in this message are personal
> opinions
> proberts () clark net      which may have no basis whatsoever in fact."
>
> PSB#9280