Bugtraq mailing list archives
Re: Kerio Personal Firewall DOS Vulnerability
From: Jason Giglio <jgiglio () netmar com>
Date: Mon, 26 Aug 2002 11:24:12 -0400
I don't know if this is related, but I know WinRoute 2.x had hard coded built in connection throttling, even doing an nmap SYN scan from INSIDE the firewall would DoS yourself. I don't know how much of the codebase is shared between the two products, but I'd expect they mostly are the same. This has been an issue for a long time if this is indeed the same thing. On Mon, 26 Aug 2002 21:59:22 +0800 "Abraham Lincoln" <sunninja () scientist com> wrote:
Test bed: [*Nix b0x with Synflooder] <===[10/100mbps switch===> [Host with KPF] 1] DoS vulnerability with Kerio Personal Firewall 2.x.x Default Installation - KPF is vulnerable with Synflood attack by sending minimum of 300 syn packets the target host will stop from responding, 100% of the CPU utilization will be consumed and eventually hangs-up the machine. 2] Setting the Personal firewall to High Security and Block all services and Protocols. - It is quite similar to the first one but the personal firewall is configured to block all services and protocols. After sending a minimum of 500 syn packets from port 1-1024. The host will stop from responding, 100% of the CPU utilization will be consumed.
Current thread:
- Kerio Personal Firewall DOS Vulnerability Abraham Lincoln (Aug 26)
- Re: Kerio Personal Firewall DOS Vulnerability Jason Giglio (Aug 26)