Firewall Wizards mailing list archives
Re: Variations of firewall ruleset bypass via FTP
From: Paul Robertson <proberts () patriot net>
Date: Fri, 11 Oct 2002 15:49:12 -0400 (EDT)
On Sat, 12 Oct 2002, Darren Reed wrote:
This deserves more treatment than I have given it because I'm sure it is a reflection of an attitude people form when they have no understanding of roles and responsibilities people have, never mind what "software engineering" is, beyond a simple "hack on it" mentality.
I think you're taking it more personally than you should[1], let me see if I can take a less inflammatory stance...
So your reading, of my saying meaning the "someone else" to be the users is quite incorrect. What I said was, literally, quite correct.
I think what Mikael's concern was (and he'll pipe up if I'm wrong, I'm sure) is that folks looking at the vuln. note will see "IPFilter- Not vulnerable." and stop there, rather than looking for a Net- or Free- entry. "Check the specific OS line, or your version number, or upgrade." Might be more helpful too.

Please note I'm saying this with no direct evidence that the versions shipping with any prior version of Net- are or aren't vulnerable- because I think that's irrelevant to the point. It's really about making sure people know they should upgrade, not about a particular implementation. That's why I think it was irresponsible for anyone else to talk about IPF's status, but if they shouldn't, then you most certainly need to- and it should be verbose enough to ensure that folks using IPF don't get the wrong idea.

Let's face it, most people don't run up-to-date systems, and we need to point them to upgrades when we can. It may well be the responsibility of the individual admin to check and read and dig for info, but since we *know* that's going to fail more times than it doesn't (and this isn't a shot at Net- admins, most of my evidence is based on OTHER *nix OS', I'm just not sure the Net- folks are any different than anyone else.) We can make it easier to encourage people to upgrade, or not, and I think a lot of us are advocating that, nothing more.

If I were still admining NetBSD systems in production, I'd look at the IPF entry well before I'd look at the NetBSD entry because I'd expect you to have more complete and accurate information. Maybe that's the wrong way to look at it, but I think that's the gist of the case Mikael proposed.

Paul

[1] Yes, that's really easy to say when you're not the person under fire.

-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation