Penetration Testing mailing list archives
Re: Raptor firewall 6.1 port 80
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Mon, 05 Jul 2004 15:24:54 -0400
-----BEGIN PGP SIGNED MESSAGE-----
"Jerry" == Jerry Shenk <jshenk () decommunications com> writes:
Jerry> One feature with a Raptor firewall is that they seems to respond Jerry> affirmatively to tons of stuff. For example, a portscan on Jerry> pen-tests Jerry> that I've done have shown lots of ports being open that Jerry> really weren't. Due to the way that Raptor, Borderware and Milkyway BlackHole firewalls work, they actually listen on all ports. This is due to technical issues, but it also has a feature that it provides a total false positive answer to scanners. All three were designed around 1994, when SYN floods were still a future problem. (I am the designer of BlackHole 2.x) - -- ] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [ ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[ ] mcr () xelerance com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Finger me for keys iQCVAwUBQOmrBIqHRg3pndX9AQEuLwP+NszQDC59A+jAB8bYFCnjFHZcX7SbGbUh brvdOEDQbQmBT68aG9JlVi0IbzX6+yoDjMjEJ/bN20P2yRyd6XcyDbcwRf51VQVC W0nWKGFQHy0Hc2AvPqQM3dP5eymb/pPWs3vQKY3zSaNYFoXViotG3ptEJjBkHbcJ XQLmj/nhoVc= =5GCH -----END PGP SIGNATURE-----
Current thread:
- Raptor firewall 6.1 port 80 Martin S (Jul 04)
- RE: Raptor firewall 6.1 port 80 Jerry Shenk (Jul 05)
- RE: Raptor firewall 6.1 port 80 Darren Webb (Jul 06)
- Re: Raptor firewall 6.1 port 80 Oliver () greyhat de (Jul 22)
- Re: Raptor firewall 6.1 port 80 Michael Richardson (Jul 07)
- RE: Raptor firewall 6.1 port 80 Darren Webb (Jul 06)
- Re: Raptor firewall 6.1 port 80 Kroma Pierre (Jul 17)
- RE: Raptor firewall 6.1 port 80 Jerry Shenk (Jul 05)