Bugtraq mailing list archives
Re: ICMP pokes holes in firewalls...
From: H D Moore <hdm () digitaloffense net>, (by way of Lucio <lucio () pixel it>)
Date: Fri, 26 Sep 2003 11:54:57 +0000
Only if these systems are running kernel version 2.2, the 2.4 NAT system has been rewritten and is not vulnerable. On Friday 26 September 2003 04:55 am, Lucio wrote:
This also applies to Linux NAT gateways.I'm rellay not an expert in building a firewall with a Linux box, but I've tried twice and now I have two customers happy of their unexpensive Linux based firewall. These firewalls offer also NAT functionality to the respective LANs they protect and use iptables rules with stateful inspection to filter the packets. Both customers have a DNS in between the linux firewall and the ISP's router. Are they vulnerable to any of those attacks?
Current thread:
- ICMP pokes holes in firewalls... bugtraq (Sep 25)
- Re: ICMP pokes holes in firewalls... H D Moore (Sep 25)
- Re: ICMP pokes holes in firewalls... Lucio (Sep 26)
- Re: ICMP pokes holes in firewalls... Darren Reed (Sep 26)
- Re: ICMP pokes holes in firewalls... Daniel Hartmeier (Sep 27)
- Re: ICMP pokes holes in firewalls... Darren Reed (Sep 27)
- Re: ICMP pokes holes in firewalls... Daniel Hartmeier (Sep 27)
- <Possible follow-ups>
- RE: ICMP pokes holes in firewalls... Daniel Chemko (Sep 25)
- Re: ICMP pokes holes in firewalls... H D Moore (Sep 26)
- Re: ICMP pokes holes in firewalls... Darren Reed (Sep 26)
- Re: ICMP pokes holes in firewalls... H D Moore (Sep 25)