Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Novell ICS appliance and iChain
From: Graeme Fowler <graeme.f () WEBFUSION CO UK>
Date: Thu, 23 Nov 2000 09:54:59 -0000

Dave Edwards wrote:
Subject: [PEN-TEST] Novell ICS appliance and iChain

Anyone had a look at these yet?

In a previous job I had a play with an ICS last year, in another guise
whilst it was being test marketed. We broke it in a matter of seconds by
sending the proxy server a TCP CONNECT request which then connected to
its' own chargen port.

I believe this may have been fixed - however any vendor daft enough to
leave a box in that state during testing *must* have left some other
holes in it somewhere...

Graeme


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]