Firewall Wizards mailing list archives
Re: Variations of firewall ruleset bypass via FTP
From: Darren Reed <darrenr () reed wattle id au>
Date: Sat, 12 Oct 2002 15:57:37 +1000 (EST)
In some email I received from Paul Robertson, sie wrote:
> On Sat, 12 Oct 2002, Darren Reed wrote:
>
> > This deserves more treatment than I have given it because I'm sure it is a reflection of an attitude people form when they have no understanding of roles and responsibilities people have, never mind what "software engineering" is, beyond a simple "hack on it" mentality.
>
> I think you're taking it more personally than you should[1], let me see if I can take a less inflammatory stance...
>
> > So your reading, of my saying meaning the "someone else" to be the users is quite incorrect. What I said was, literally, quite correct.
>
> I think what Mikael's concern was (and he'll pipe up if I'm wrong, I'm sure) is that folks looking at the vuln. note will see "IPFilter- Not vulnerable." and stop there, rather than looking for a Net- or Free- entry. "Check the specific OS line, or your version number, or upgrade." Might be more helpful too.

Well what other conclusion do you arrive at when you've spent several days testing and failed to make the problem happen? That said, my feedback mentioned quite specifically that ipfilter was not vulnerable to *that* exploit, ie the one we received from CERT, written by Mikael, and that it may be vulnerable to others (I have not seen all the others so I can't be sure, either way.)

Unfortunately the people behind security-officer for NetBSD have been next to useless in this case and if you asked me, their largesse in this case would be a good excuse to give them all the ass (it's not a fun job, either.) FreeBSD has not been much better.

What compounds my annoyance about all this is the lack of information available to me, at the time. To me the notes looked like someone had specifically developed an ftp daemon to tickle the problem and if that is what it took, I was just simply not interested.

Darren