|
Firewall Wizards
mailing list archives
Re: Facts, not Fiction
From: Darren Reed <darrenr () cyber com au>
Date: Sat, 8 Nov 1997 19:17:45 +1100 (EST)
In some mail I received from Marcus J. Ranum, sie wrote
[...]
That is: Even though the setup was flawless, is there a known DOS-Attack
against these systems, can they be manipulated or do they pass data they
are not supposed to pass etc?
Denial of service attacks have been known to work on several
of the proxy type firewalls (which usually rely more on the
vendor's provided IP stack) -- but just about *ANYTHING* seems
to be vulnerable to some sort of denial of service attack. The
more interesting problems are the ones where the firewall
may start to pass data it's not supposed to -- those are less
common bugs but they have happened as well.
An interesting one I was told about with FW-1 was with their remote
log monitoring. If you connected from a remote location, i.e. over
the Internet, to the workstation to examine logs, the logging would
fall over in a heap and not restart until you were able to do it from
the console (or wherever you need to be to do that). Whilst not a
DOS, per se, if an unfriendly were to do that, you'd be without any
sort of log information...
Darren
 By Date 
By Thread
Current thread:
|
Intro
