Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pix crashing with ISS snmp checks

From: Ted Doty <ted () iss net>
Date: Fri, 05 Mar 1999 15:13:51 -0500
At 10:21 AM 3/4/99 -0500, Adam Shostack wrote:


serious problem.  There are checks in every security scanner which
will crash a target unexpectedly; scanners, by their nature, work
outside the bounds that the system designers anticipated.


Often this activity isn't even "outside the bounds" of what you'd expect to
find: some widely-deployed devices have IP stacks that can only handle one
connection at a time, and go catatonic if you port scan them; some servers
core dump if you close the connection without sending or reading any data. :-p

This is probably going to become more of a problem in the future, as more
and more "toaster" type of products show up with network interfaces.

ObDisclaimer: I'm the Internet Scanner product manager.

- Ted

-----------------------------------------------------------------------
Ted Doty, Internet Security Systems          | Phone: +1 678 443-6000
6600 Peachtree Dunwoody Road, 300 Embassy Row | Fax:   +1 678 443-6479
Atlanta, GA 30328  USA                       | Web: http://www.iss.net
-----------------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689  FD0F E625 D525 E1BE
Previous By Date Next
Previous By Thread Next

Current thread: