Firewall Wizards mailing list archives
MSBlast circumventing host firewall
From: "Josh Welch" <jwelch () buffalowildwings com>
Date: Fri, 15 Aug 2003 16:40:14 -0500
We've sites which are running Winproxy on one of their workstations acting as the firewall. This product was chosen not for its firewall capabilities, but for its proxy capabilities, and this was some time ago. It was then decided that this was our firewall at these locations because there was a tab labeled firewall. It appears that the firewall was configured to prevent connections to TCP 135 (most connections actually), but msblast blew right past it and infected the machine running winproxy. I'm investigating this right now to see if there was a misconfiguration issue or what. I've also heard a rumor about someone using Norton's firewall being infected. These could all be results of misconfiguration issues, but I'm curious if anyone else has seen issues with these types of products. Thanks, Josh _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- MSBlast circumventing host firewall Josh Welch (Aug 17)
- RE: MSBlast circumventing host firewall Paul Matuszewski (Aug 18)
- RE: MSBlast circumventing host firewall Paul Robertson (Aug 18)
- RE: MSBlast circumventing host firewall Paul Matuszewski (Aug 18)