Information Security News mailing list archives

BlackIce Firewalls Vulnerable To DOS Attack


From: InfoSec News <isn () c4i org>
Date: Thu, 7 Feb 2002 00:51:59 -0600 (CST)

http://www.newsbytes.com/news/02/174282.html

By Brian Krebs, Newsbytes
WASHINGTON, D.C., U.S.A.,
06 Feb 2002, 11:06 AM CST
 
The popular BlackIce Defender and BlackIce Agent personal Internet
firewall programs are vulnerable to a denial-of-service attack that
could render many home users defenseless against further assaults, the
product's manufacturer said today.

Internet Security Systems, which acquired the Network ICE security
suite last year, issued an alert on Tuesday stating that all current
versions of BlackIce running on Windows XP and Windows 2000 can be
crashed using a modified ping-flood attack.
 
Ping-flood attacks can overwhelm a computer by causing it to respond
to an inordinate number of “are you there?” requests from other
machines.

ISS said the risk of the vulnerability to corporate BlackIce users is
minimal, as most corporate firewalls already block ping requests from
external Internet addresses.

ISS is currently developing and testing a fix for the security hole.  
Until it is released, users can implement the interim workaround as
described at: http://www.iss.net/security_center/alerts/advise109.php



-
ISN is currently hosted by Attrition.org
