Bugtraq mailing list archives
Re: NT DoS on FW-1
From: cbrenton () SOVER NET (cbrenton)
Date: Tue, 16 Feb 1999 17:15:14 -0500
On Mon, 15 Feb 1999, Malikai wrote:
This issue can be fixed by simply implementing a stealthing rule on the firewall itself. The problem is in NT's stack, not the FireWalls.
This will *not* fix the problem as any stealth rules are implemented after the Properties settings. This means that all the FW-1 control ports (9 or so), ICMP, DNS, etc. etc. are still left open. Check out: http://www.geek-speak.net/fw1/fw1_properties.html You would need to nuke your properties settings before creating a stealth rule to have it be effective. Happy hunting, Chris -- ************************************** cbrenton () sover net * Multiprotocol Network Design & Troubleshooting http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet * Mastering Network Security http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
Current thread:
- Re: NT DoS on FW-1 Malikai (Feb 15)
- Canc0n99/2k HWA Staff (Feb 16)
- Quake client killer Tim Fletcher (Feb 16)
- Quakeworld client killer followup Tim Fletcher (Feb 18)
- Re: NT DoS on FW-1 cbrenton (Feb 16)
- <Possible follow-ups>
- Re: NT DoS on FW-1 Matt Hargett (Feb 21)