Bugtraq mailing list archives

Re: Default configuration in WatchGuard Firewall

From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Sun, 5 Sep 1999 13:07:58 +0200


On Thu, 2 Sep 1999, Alfonso Lazaro wrote:

      So if our firebox is defending our internal network ( 192.168.x.x ... )
and our WG Firewall is a proxie with an external ip in internet ( 100.100.100.100 hipotetic ip address ) the atacker 
can change his/her routes like so :

      # route add -net 192.168.0.0 netmask 255.255.255.0 gw 100.100.100.100


I am afraid this will work only if either of these conditions is true:
1. the attacker is connected directly to the firebox's external interface
2. the attacker's OS will source route such packets and every intermediate
   router will honor the specified source routing

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Current thread:

Default configuration in WatchGuard Firewall Alfonso Lazaro (Sep 02)
- Re: Default configuration in WatchGuard Firewall Chris Brenton (Sep 04)
- Re: Default configuration in WatchGuard Firewall Pavel Kankovsky (Sep 05)
- <Possible follow-ups>
- Re: Default configuration in WatchGuard Firewall Ryan Russell (Sep 04)
  - Disabling everything Dr. Joel M. Hoffman (Sep 09)
- Re: Default configuration in WatchGuard Firewall Steve Fallin (Sep 07)
- Re: Default configuration in WatchGuard Firewall Steve Fallin (Sep 13)
- Re: Default configuration in WatchGuard Firewall Matt Bruce (Sep 14)