Bugtraq mailing list archives
Re: Default configuration in WatchGuard Firewall
From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Sun, 5 Sep 1999 13:07:58 +0200
On Thu, 2 Sep 1999, Alfonso Lazaro wrote:
So if our firebox is defending our internal network ( 192.168.x.x ... ) and our WG Firewall is a proxie with an external ip in internet ( 100.100.100.100 hipotetic ip address ) the atacker can change his/her routes like so : # route add -net 192.168.0.0 netmask 255.255.255.0 gw 100.100.100.100
I am afraid this will work only if either of these conditions is true: 1. the attacker is connected directly to the firebox's external interface 2. the attacker's OS will source route such packets and every intermediate router will honor the specified source routing --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- Default configuration in WatchGuard Firewall Alfonso Lazaro (Sep 02)
- Re: Default configuration in WatchGuard Firewall Chris Brenton (Sep 04)
- Re: Default configuration in WatchGuard Firewall Pavel Kankovsky (Sep 05)
- <Possible follow-ups>
- Re: Default configuration in WatchGuard Firewall Ryan Russell (Sep 04)
- Disabling everything Dr. Joel M. Hoffman (Sep 09)
- Re: Default configuration in WatchGuard Firewall Steve Fallin (Sep 07)
- Re: Default configuration in WatchGuard Firewall Steve Fallin (Sep 13)
- Re: Default configuration in WatchGuard Firewall Matt Bruce (Sep 14)