Firewall Wizards mailing list archives
Re: OBSD reaction to CERT advisory
From: Darren Reed <darrenr () reed wattle id au>
Date: Thu, 10 Oct 2002 10:48:00 +1000 (EST)
In some email I received from Daniel Hartmeier, sie wrote: [...]
And, yes, based solely on code inspection, I'm very confident that IPFilter is vulnerable to this attack.
Note, this statement: "code inspection". Not a code walk through or even an actual test.
If anyone fancies a little competition, set up an ftp server behind an IPFilter firewall. Allow me to connect to the ftp server (using passive mode, so the in-kernel ftp proxy allows incoming ftp data connections). Setup a fake target, like an echo "secret" inetd.conf entry, and absolutely filter any access to that port on the firewall. If I can connect to that port and get the secret, I win. How much are you betting?
How much are you prepared to lose ? Darren _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- OBSD reaction to CERT advisory Paul D. Robertson (Oct 09)
- Re: OBSD reaction to CERT advisory Daniel Hartmeier (Oct 09)
- Re: OBSD reaction to CERT advisory Paul Robertson (Oct 09)
- Re: OBSD reaction to CERT advisory Daniel Hartmeier (Oct 09)
- Re: OBSD reaction to CERT advisory Darren Reed (Oct 09)
- Re: OBSD reaction to CERT advisory Daniel Hartmeier (Oct 10)
- Re: OBSD reaction to CERT advisory Darren Reed (Oct 10)
- Re: OBSD reaction to CERT advisory Daniel Hartmeier (Oct 10)
- Re: OBSD reaction to CERT advisory Darren Reed (Oct 10)
- Re: OBSD reaction to CERT advisory Paul Robertson (Oct 09)
- Re: OBSD reaction to CERT advisory Daniel Hartmeier (Oct 09)