Firewall Wizards mailing list archives
RE: Wingate?
From: "H. Morrow Long" <morrow.long () yale edu>
Date: Thu, 11 Dec 1997 12:11:50 -0500 (EST)
- James Strompolis On an older version of Wingate, there was a hole that could let anyone in. It was there by design. I'm a little fuzzy on the details now. Do a search for Wingate on DejaNews in the computer security groups and you will find articles relating to this problem.
The hole was that the telnet proxy would allow outsiders to use your proxy to connect out to other sites on the Internet. They could then hide their originating IP address from the ultimate destination or attempt to get around US-only IP address restrictions, etc. Many anon FTP server can be used for a similar 'bounce' attack. See the recent CERT msg on this subject. The wingate proxy by design never allowed unrestricted access to the internal network by default as far as I know. H. Morrow Long, Yale Univ IT ISO -Info Technology Services Info Security Officer 175 Whitney Avenue, New Haven, CT 06520-8276, (203)432-1248(voice) 432-0593(FAX) INET: http://pantheon.yale.edu/~long/ mailto:Morrow.Long () yale edu PAGE: (203)370-3081, (800)347-2574, mailto:1165469 () pager mcb com PIN# 1165469 PGP 1024/54F9FD69 1997/08/25 fp 97 ED E7 9D 41 8A 90 8C 4D 7C 22 56 80 BA 84 09
Current thread:
- Wingate? -= ArkanoiD =- (Dec 08)
- Re: Wingate? Magossa'nyi A'rpa'd (Dec 11)
- SAP ITS Arjo Mukherjee (Dec 11)
- <Possible follow-ups>
- Re: Wingate? Leonid S Knyshov (Dec 08)
- RE: Wingate? James Strompolis (Dec 08)
- Re: Wingate? -= ArkanoiD =- (Dec 11)
- RE: Wingate? James Strompolis (Dec 11)
- RE: Wingate? H. Morrow Long (Dec 11)
- RE: Wingate? James Strompolis (Dec 12)
- Re: Wingate? Magossa'nyi A'rpa'd (Dec 11)