Bugtraq mailing list archives

Re: CheckPoint FW1 BUG (fwd)


From: kisza () SCH BME HU (Kis-Szabo Andras)
Date: Sat, 8 Jul 2000 11:01:29 +0200


Hi,

If you flood port 264 ( FW1_topo ) from your local network, the Firewall-1
CPU reaches 100% and nobody can connect with GUI ( neither on the firewall
itself ).
The test has been done on a local 10 MB Ethernet against a PII 266 256 MB,
FW1 4.1 SP1 in a NT 4.0 SP4 with the ippacket software and spoofing the
source IP, and that's the packet sent:

I've got 2 questions:
- is the DoS present on SUN/Solaris platforms? (|| only NT?)
- if you deny the FireWall-1 control connections on the
  properties screen, and add the minimum rules to the rulebase,
  specifying the explicit src/dst addresses (and control protocols),
  does that stop the DoS, or not? (Is CheckPoint using the interface correctly?)

Regards,

        kisza

--
  Kis-Szabo Andras          Budapest University of Technology and Economics
---------------------------/    Schonherz Dormitory
      kisza () sch bme hu    /---------------------------------33O-->>>>.Info


