Firewall Wizards mailing list archives
Re: Dangers from SNA?
From: Ted Doty <ted () iss net>
Date: Tue, 13 Jul 1999 14:52:41 -0400
At 08:50 AM 7/13/99 +0100, Juergen.Nieveler () gecits-eu com wrote:
> A client of mine wants to secure his WAN with a firewall, but pass all SNA-traffic through a bypass, because firewalls don't work too well with SNA. In effect, all SNA-Users (the IBM Net, for example) would connect directly to his network. Are there any dangers from this approach, besides it being bloody ludicrous to bypass a firewall at all?
Given the prevalence of password sniffers and the lack of protection that SNA provides against password attack, this would appear to be risky. While I haven't heard of anyone crafting custom SNA packets to do a spoofing attack with captured passwords, the protocols are well documented.
> Would repacking the SNA in IP with DLSW add more security, or just help to put it through the firewall?
Might even make it easier to spoof. Lots of people understand IP spoofing, and adding encapsulated headers inside IP is much easier than crafting raw packets themselves. There are several packet editing tools available to help with this.

- Ted

-----------------------------------------------------------------------
Ted Doty, Internet Security Systems           | Phone: +1 678 443-6000
6600 Peachtree Dunwoody Road, 300 Embassy Row | Fax: +1 678 443-6479
Atlanta, GA 30328 USA                         | Web: http://www.iss.net
-----------------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689 FD0F E625 D525 E1BE