Firewall Wizards mailing list archives
Re: Firewall robustness
From: Bill Stout <stoutb () pios com>
Date: Thu, 02 Oct 1997 15:34:49 -0700
At 12:36 PM 10/2/97 +0100, Thierry GUINET wrote:
This being said here is my question: Is it correct to believe that attacks directed against the TCP/IP stack (like the famous (infamous?) OOB attack family ) could lead to crash an NT Firewall where a Unix based firewall should continue to run?
There are a number of things from the network that can 'Blue Screen' an NT box, most of those are fixed as soon as they are discovered. If NT was Mature, those issues would have been history, and we would not be finding those new issues (isn't that reiterative?). For use as a firewall, most vulnerable ports are disabled. The network stack is also supposed to be replaced in most NT firewalls with known code. However it appears that the people hired to code the stack are usually MS-experienced programmers, and cut-and-paste or otherwise make the same mistakes that MS did, leading to similar vulnerabilities on different port numbers. I have a draft 'NTexploits II' page at http://www.geocities.com/researchtriangle/3372/ (hey, it was free!) which also contains quite a few BSOD vulnerabilities. Bill Stout
Current thread:
- Firewall robustness Thierry GUINET (Oct 02)
- Re: Firewall robustness Bernhard Schneck (Oct 03)
- <Possible follow-ups>
- Re: Firewall robustness Dominique Brezinski (Oct 02)
- Re: Firewall robustness Bill Stout (Oct 02)