Bugtraq mailing list archives
RE: Authentication Vulnerability in NetScreen ScreenOS
From: "Brian Soby" <tmpbox5 () hotmail com>
Date: Thu, 26 Jun 2003 17:37:53 +0000
However, after a user is authenticated, anyone else may also access the protected services if they orginate from the same source IP address (NAT'd network). The authentication mechanism is designed to authenticate based on source-ip address only.
Most firewalls track authenticated users based on the client's source IP address. If you need a stronger method, you could always use the Netscreen Remote client software and require a secure tunnel from the clients to get to your protected resources.
-Brian Soby _________________________________________________________________The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Current thread:
- Authentication Vulnerability in NetScreen ScreenOS HedgeHog (Jun 25)
- <Possible follow-ups>
- RE: Authentication Vulnerability in NetScreen ScreenOS Brian Soby (Jun 26)
- RE: Authentication Vulnerability in NetScreen ScreenOS Hugo van der Kooij (Jun 26)