Bugtraq mailing list archives
Re: Gauntlet 5.0 BSDI warning
From: kyoung () V-ONE COM (Keith Young)
Date: Mon, 18 Oct 1999 17:42:33 -0400
First, an update. NAI has already released a fix regarding my original e-mail. You can download it from: http://www.tis.com/support/patch50.html Thanks to NAI support for getting a fix out so quickly. Strange wrote:
According to the folks we asked at NAI in June about the Gauntlet install procedure (on all supported OSes), the install order to be used is: Install OS Install OS patches Install Gauntlet Install Gauntlet patches never install any OS patches again
True, but many people install the firewall then the OS vendor releases a patch.
Because of that last nasty gotcha, we use a firewall builder box when we want to "patch" the firewalls. We then pull the newly-built drives, and swap them into the extant firewall box. Lather, rinse, repeat.
You are a stronger person than I... I wouldn't want to have to keep securing the OS on a box and "reinstalling" the firewall everytime the OS/firewall vendor releases an important patch... :-)
Interestingly, this is what the vendor told us to *always* do, under *all* circumstances. I'd say that if you're going to apply vendor patches, you should assume you have to do a full Gauntlet reinstall because Gauntlet 5.0 replaces some key kernel items.
See above....
I.e., a vendor patch replaced code that the gauntlet had already replaced.
Exactly.
I am wondering if this is *really* a Gauntlet bug or a Gauntlet vendor documentation bug.
Which is why the word "bug" never appeared in the original alert. Had the M310-049 patch not been required for the kernel patch install, very few of us would have run into the problem.
(they do not, as far as we could tell, make it plain that you should not apply vendor patches after installing the firewall)
Not exactly true. Look here: http://www.tis.com/support/bsd31.html --Keith -kyoung () v-one com
Current thread:
- Security of "Virtual Network Computer", (continued)
- Security of "Virtual Network Computer" Mikael Olsson (Oct 12)
- Re: Security of "Virtual Network Computer" Cameron Simpson (Oct 12)
- Re: Security of "Virtual Network Computer" Dan Foster (Oct 12)
- Re: Security of "Virtual Network Computer" Luca Berra (Oct 13)
- Finjan Alert: WinNT.Infis Trojan by way of Tim Wieneke (Oct 13)
- The old "." problem nblasgen () NICK REFRACT COM (Oct 13)
- Re: The old "." problem David Zverina (Oct 14)
- Re: The old "." problem S.Faust (Oct 16)
- Gauntlet 5.0 BSDI warning Keith Young (Oct 18)
- Re: Gauntlet 5.0 BSDI warning Strange (Oct 18)
- Re: Gauntlet 5.0 BSDI warning Keith Young (Oct 18)
- Email virus on the prowel Albert Hopkins (Oct 19)
- Security of "Virtual Network Computer" Mikael Olsson (Oct 12)
- Another Microsoft Java Flaw Disovered Gary McGraw (Oct 14)
- Administrivia Elias Levy (Oct 14)