Bugtraq mailing list archives
Re: BUG: Win NT TCP/IP Security filters does not get enforced
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Tue, 12 Oct 1999 10:33:54 -0700
At 03:21 PM 10/10/99 +0200, Stefan Norberg wrote:
However, I still consider it a bug. The GUI is misleading. If I configure the TCP/IP security using the GUI to "Permit *only* IP protocols: 6 (TCP)". Then EVERYTHING including ICMP and UDP (regardless of other settings) should be denied and NT should send an ICMP unreachable.
The GUI could definately be improved - here's the deal - the protocol box allows you to regulate any protocols except TCP, UDP and ICMP. The other 2 boxes regulate TCP and UDP respectively - the protocol box won't control them. Note that ICMP isn't controlled by this dialog at all. IMHO, the online help could also be improved - none of these details are in the online help. Also note that this dialog controls _incoming_ packets only - outgoing packets are _not_ regulated. IIRC, frags are filtered after re-assembly. Hope this helps. David LeBlanc dleblanc () mindspring com
Current thread:
- BUG: Win NT TCP/IP Security filters does not get enforced Stefan Norberg (Oct 08)
- Re: BUG: Win NT TCP/IP Security filters does not get enforced Stefan Norberg (Oct 10)
- Re: BUG: Win NT TCP/IP Security filters does not get enforced David LeBlanc (Oct 12)
- SCO OpenServer 5.0.5 overwrite /etc/shadow Brock Tellier (Oct 11)
- IE 5.0 security vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand Georgi Guninski (Oct 11)
- Re: SCO OpenServer 5.0.5 overwrite /etc/shadow Bela Lubkin (Oct 11)
- Re: SCO OpenServer 5.0.5 overwrite /etc/shadow Ralph the Wonder Llama (Oct 12)
- Re: SCO OpenServer 5.0.5 overwrite /etc/shadow Bela Lubkin (Oct 12)
- Xerox DocuColor 4 LP D.O.S Jason Lutz (Oct 13)
- Security of "Virtual Network Computer" Mikael Olsson (Oct 12)
- Re: Security of "Virtual Network Computer" Cameron Simpson (Oct 12)
- Re: Security of "Virtual Network Computer" Dan Foster (Oct 12)
- Re: Security of "Virtual Network Computer" Luca Berra (Oct 13)
- Re: BUG: Win NT TCP/IP Security filters does not get enforced Stefan Norberg (Oct 10)