Re: Sudan Bank Hacked, Bin Laden Info Found - Hacker

[InfoSec News <isn () c4i org>]

Forwarded from: Patrick Oonk <patrick () pine nl>

On Sun, Sep 30, 2001 at 05:23:22AM -0500, InfoSec News wrote:
> Forwarded from: Tim Slighter <timslighter () home com>
>
> I read that story and I would like to have the glorious opportunity of
> confronting the "so-called" hackers to find specifics on how exactly
> they managed to bypass perimeter defense.  First off, what Financial
> Institution would be stupid enough to place DNS on the same server as
> the Firewall ? (especially if there was 50 Million of that guy's cash
> there), Secondly, even if they had done something so stupid as placing
> DNS on the Firewall, the only bypass vulnerability that Checkpoint
> Firewall-1 has been known to have is the PASV FTP where a one way
> connection could be exploited given very specific conditions.  
> Assuming that they had gained access, then the initial claim that they
> had "hacked" the DNS server would indicate that access was gained via
> port 53 or a known exploit via DNS, this however, would not provide
> them with any known exploits by which to bypass the Firewall.  The
> more I research this and the more I think about it, that story has
> more holes in it than Swiss Cheese.  What a HOAX !!

Another thing someone pointed out at me: why would an Islamic bank in
Sudan use the Israeli product Checkpoint Firewall-1 ?

        Patrick

-- 
 patrick oonk - pine internet - patrick () pine nl - www.pine.nl/~patrick
 T:+31-70-3111010 - F:+31-70-3111011 - Read news at http://security.nl 
 PGPID 155C3934  fp DD29 1787 8F49 51B8 4FDF  2F64 A65C 42AE 155C 3934
 Excuse of the day: We've picked COBOL as the language of
 choice.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.