Penetration Testing mailing list archives
Re: [PEN-TEST] Citrix
From: "van der Kooij, Hugo" <Hugo.van.der.Kooij () CAIW NL>
Date: Tue, 10 Oct 2000 21:46:20 +0200
On Tue, 10 Oct 2000, Beauregard, Claude Q wrote:
I consider a hole any function of the firewall that opens a port to provide direct access to an internal network resource in this a case a Citrix server.
I think most wether or not this is a whole is wether or not some additional checks are made on the traffic passing. If the traffic isn't checked then it is a hole. However if strict protocol checking is done this may not be a hole at all. Wether or not the ICA protocol is enforcable is something I can't judge. Hugo. -- Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland hvdkooij () caiw nl http://home.kabelfoon.nl/~hvdkooij/ -------------------------------------------------------------- Quoting this tagline is illegal! (http://www.dtcc.edu/cs/rfc1855.html)
Current thread:
- [PEN-TEST] Citrix Beauregard, Claude Q (Oct 09)
- Re: [PEN-TEST] Citrix van der Kooij, Hugo (Oct 10)
- Re: [PEN-TEST] Citrix Peter Van Epp (Oct 10)
- Re: [PEN-TEST] Citrix Ryan Russell (Oct 10)
- Re: [PEN-TEST] Citrix Christopher Winter (Oct 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Citrix Beauregard, Claude Q (Oct 10)
- Re: [PEN-TEST] Citrix van der Kooij, Hugo (Oct 10)
- Re: [PEN-TEST] Citrix van der Kooij, Hugo (Oct 10)