Vulnerability Development mailing list archives

Re: Administrivia #4883


From: tsiegel () SOFTCON COM (Travis Siegel)
Date: Thu, 13 Jan 2000 21:56:34 +0000


One package that I know used to have a hole was a Windows firewall
package.  I can't remember the name of it, but it is about 4-5 years old
at this point.  By default, it allowed you to string an ftp request, so
that someone connecting to your box could go to another site, and it would
look like they were coming from you.  I verified it worked for ftp, though
I never did test telnet.  I found it by accident, and bugtraq wouldn't
publish the findings, claiming I was too opinionated (or something like
that) and if I didn't remove the passage that called it bad security (or
words to that effect) they would not publish it on the list.  I refused,
and so the bug never got posted.  Not specifically software related, but I
recently discovered that flowpoint dsl routers by default do not limit the
number of attempts you can have at entering a password to get logged in.
To my knowledge, (I've not finished reading the manual yet) there's no
option to turn this default behavior off, though I cannot verify this.
With a simple perl script, someone could simply hammer away at the
flowpoint routers until they find a combination of characters that works.
There's no point in saying what kind of security risk this is, I think
it's obvious.  Flowpoint doesn't mention this slight oversight in their
documentation anywhere (I've searched for it) although I haven't (yet)
sent an email to their people telling them of this, I was going to wait
until I had the time to actually test a script against my own router
first.

