Bugtraq mailing list archives
Re: Possible security hole
From: wbarrow () LOCKED COM (Warren Barrow)
Date: Mon, 29 Mar 1999 13:11:11 -0500
It is quite possible that -any- firewall may be incorrectly configured. I would have to say that a good portion of firewalls are running in production mode with incorrect configurations.

If you read -further- into the FW-1 documentation, it states that it is highly advisable to enable "control ip forwarding at boot". With this option enabled, FW-1 will make sure the interface does not come up until the security policy is loaded and in place.

If you are running Firewall-1 v3.0b, it is time to upgrade... 4.0 is out and has many a fix added.

-Warren Barrow/CCSE

At 08:09 AM 3/29/99 -0300, you wrote:
> Quoting Christoforos Karatzinis <chka () SOLUTIONS IE>:
>
> Hi,
>
> The FW1 documentation clearly states that there is a small delay after the interface initializes and the FW starts acting on it. It is possible to do something "bad" to it in this period...
>
> Regards,
> Cristiano Lincoln Mattos
> Recife / Brazil
>
> > The first 25 packets were lost before the interface's initialization. The packets with sequence number greater than 34 are dropped from the firewall.
> >
> > What about the packets with sequence number 25-34? Is it possible that someone can use this time (after the interface's initialization and before the firewall's initialization) to do something bad?
> >
> > Regards,
> > Christofer