Firewall Wizards mailing list archives
RE: Proxy 2.0 secure?
From: "Choi, Byoung" <bchoi () visa com>
Date: Mon, 29 Jun 1998 11:04:15 -0700
I hate the idea of being an unpaid ms debugger, but guess it'll do good for people using their products. set'em up and let's see what happens. i assume you'll coordinate the event - scheduling who'll do what type of probing at which time. b- ---------- From: Brian Steele Sent: Friday, June 26, 1998 4:52 PM To: Choi, Byoung; 'Mark Horn [ Net Ops ]' Cc: Stout, Bill; Firewall-wizards Subject: Re: Proxy 2.0 secure? >I found at least three types of hacks generating malformed packets that >knocked out NT boxes with all the patches available from ms) A few months ago, when our NT server was crashed about 23 times in one day by a hacker on the Internet sending malformed packets and the like, MS recommended to me (before they brought out the relevant fix) that I install Proxy Server 2.0 on the server to fix the problem. They also said that if I implement filtering at the router before the server, that may cure the problem as well. As I'm absolutely clueless about CISCO router configs, I downloaded the MSP trial version. The attacks stopped afterwards, but I don't know whether this was due to the MSP, or the hacker moving his efforts to more fertile grounds. So, how's about a test guys? I think I can find a spare PC somewhere among the office spares. I can set up the most insecure "secure" MSP 2.0 system that I know of for testing as follows: 1. Load up a copy of NTS4.0 (with all nnn hotfixes, lol) on a PC with two net cards, one facing the Internet, the other facing the local LAN. 2. Configure the server to be a PDC 3. Install MSP 2.0 on top of it 4. Install and configure MS RRAS (latest version) 5. Install a Win 95 PC on the "internal LAN" 6. Configure the MSP server to allow PPTP and outgoing HTTP. Your task, should you choose to accept it, would be to test the security of this system, via the usual DoS attacks, etc., etc. with "bonus points" for retrieving account information (usernames, passwords) or protected files from the server, and even more bonus points if you're able to access a file from a share on the Win95 box behind the server. If you succeed, my only request is that your post your method (and results) to this list, and cc to Microsoft. The intent of the test is to show whether or not NT-based firewall systems are as good as their UNIX cousins. Configuration will take a few days (most of which will involve identifying which PC to use among our spares :-)). Any takers? Brian Steele
Current thread:
- Re: Proxy 2.0 secure?, (continued)
- Re: Proxy 2.0 secure? Rodney van den Oever (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- Re: Proxy 2.0 secure? John McDermott (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? NetSurfer (Jun 30)
- Re: Proxy 2.0 secure? John McDermott (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- Re: Proxy 2.0 secure? ark (Jun 29)
- RE: Proxy 2.0 secure? Choi, Byoung (Jun 29)
- Re: Proxy 2.0 secure? Brian Steele (Jun 29)
- Re: Proxy 2.0 secure? Ryan Russell (Jun 29)
- Re: Proxy 2.0 secure? tqbf (Jun 29)
- Re: Proxy 2.0 secure? Peter Jeremy (Jun 30)
- Re: Proxy 2.0 secure? tqbf (Jun 30)
- Re: Proxy 2.0 secure? ark (Jun 30)
- RE: Proxy 2.0 secure? Safier, Adam (GEIS) (Jun 30)