Penetration Testing mailing list archives
Re: Raptor firewall 6.1 port 80
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Mon, 05 Jul 2004 15:24:54 -0400
-----BEGIN PGP SIGNED MESSAGE-----
"Jerry" == Jerry Shenk <jshenk () decommunications com> writes:
Jerry> One feature with a Raptor firewall is that they seems to respond
Jerry> affirmatively to tons of stuff. For example, a portscan on
Jerry> pen-tests
Jerry> that I've done have shown lots of ports being open that
Jerry> really weren't.
Due to the way that Raptor, Borderware and Milkyway BlackHole
firewalls work, they actually listen on all ports.
This is due to technical issues, but it also has a feature that it
provides a total false positive answer to scanners.
All three were designed around 1994, when SYN floods were still a
future problem. (I am the designer of BlackHole 2.x)
- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr () xelerance com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQOmrBIqHRg3pndX9AQEuLwP+NszQDC59A+jAB8bYFCnjFHZcX7SbGbUh
brvdOEDQbQmBT68aG9JlVi0IbzX6+yoDjMjEJ/bN20P2yRyd6XcyDbcwRf51VQVC
W0nWKGFQHy0Hc2AvPqQM3dP5eymb/pPWs3vQKY3zSaNYFoXViotG3ptEJjBkHbcJ
XQLmj/nhoVc=
=5GCH
-----END PGP SIGNATURE-----
Current thread:
- Raptor firewall 6.1 port 80 Martin S (Jul 04)
- RE: Raptor firewall 6.1 port 80 Jerry Shenk (Jul 05)
- RE: Raptor firewall 6.1 port 80 Darren Webb (Jul 06)
- Re: Raptor firewall 6.1 port 80 Oliver () greyhat de (Jul 22)
- Re: Raptor firewall 6.1 port 80 Michael Richardson (Jul 07)
- RE: Raptor firewall 6.1 port 80 Darren Webb (Jul 06)
- Re: Raptor firewall 6.1 port 80 Kroma Pierre (Jul 17)
- RE: Raptor firewall 6.1 port 80 Jerry Shenk (Jul 05)