Bugtraq mailing list archives
Addendum: Analysis of jolt2.c (MS00-029)
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Fri, 26 May 2000 15:18:38 +0200
----------------------------------------------------------------- Subject: Addendum to Analysis of jolt2.c Date: 2000-05-26 Author: Mikael Olsson, EnterNet Sweden <mikael.olsson () enternet se> ------------------------------------------------------------------ I failed to mention proxy based firewalls in the discussion on wether firewalls will protect against this attack or not. Fact 1: A proxy firewall will NOT pass this attack pattern to the protected network. Fact 2: If the proxy firewall is running on a vulnerable OS and doesn't have its own network layer code (relies on the MS stack), the attack will DoS the firewall itself. The fact of the matter is, any type firewall that runs on top of Win9x/NT that doesn't have its own network layer code is vulnerable to this attack. I will _not_ speculate on which Windows based firewalls are vulnerable or not. -- Mikael Olsson, EnterNet Sweden AB, Box 393, SE-891 28 ÖRNSKÖLDSVIK Phone: +46-(0)660-29 92 00 Fax: +46-(0)660-122 50 Mobile: +46-(0)70-66 77 636 WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se
Current thread:
- Addendum: Analysis of jolt2.c (MS00-029) Mikael Olsson (May 26)