Penetration Testing mailing list archives
Symantec SGS Gateway Firewall DoS vulnerability
From: Attari Attari <c70n3 () yahoo co in>
Date: Mon, 19 Nov 2007 10:40:49 +0000 (GMT)
Hi Group: During Pen Testing some of my clients over the year, those using Symantec SGS Gateway firewall, in application proxy mode, I found vulnerable to a severe Denial of Service issue. I spoke about this with Symantec at a number of occasions without any satisfying answers, suggestions or solution. The issue is when you scan (nessus/nmap) a network with Symantec SGS as the firewall configured in application proxy mode, the firewall shows even non-existent IP addresses and ports to be open and live. This results in firewall reaching it's maximum allowable connection limit in just 2 to 3 minutes and network access through firewall getting choked up. Things start working well again as you stop the scan. I'm pretty sure this is a serious issue and Symantec is not ready to accept it. Any suggestions/comments? Clone Flying to Bangalore or Bhopal? Search for tickets at http://in.farechase.yahoo.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Symantec SGS Gateway Firewall DoS vulnerability Attari Attari (Nov 19)
- RE: Symantec SGS Gateway Firewall DoS vulnerability Paul Melson (Nov 19)