Firewall Wizards mailing list archives
Re: Firewall robustness
From: Bernhard Schneck <Bernhard_Schneck () genua de>
Date: Fri, 03 Oct 1997 13:12:57 +0200
In message <97Oct2.123502gmt+0100.15235 () ddnfw0 namsa nato int> you write:
This being said here is my question: Is it correct to believe that attacks directed against the TCP/IP stack (like the famous (infamous?) OOB attack family ) could lead to crash an NT Firewall where a Unix based firewall should continue to run?
Well ... there were a bunch of Unix based (or lookalike) systems which were affected by ping-of-death (for more information, see http://www.sophist.demon.co.uk/ping/) So generally I'd say *every* system may be vulnerable, unless its TCP/IP (and other kernel services) implementation has been formally proven to be correct (Ha Ha Ha!) On the other hand, many Unix systems have been beaten pretty hard for the last 20 some years, so the more obvious bugs should be fixed by now (but several vendors take incredibly long for getting out fixes). NT is being targeted since one or two years and does pretty well (considering the company it comes from :-), but may still need some more shaking (IMHO). \Bernhard.
Current thread:
- Firewall robustness Thierry GUINET (Oct 02)
- Re: Firewall robustness Bernhard Schneck (Oct 03)
- <Possible follow-ups>
- Re: Firewall robustness Dominique Brezinski (Oct 02)
- Re: Firewall robustness Bill Stout (Oct 02)