> I don't really understand why a classical firewall shouldn't suits for
> that sort of packets, i mean if they are tcp packets they'll be scanned
> like other (the headers in fact ...) whatever the datas they contains...
>
> I'm i wrong ??
Yes.
Try the following experiment (if you have the right to crash your Oracle
server):
1- Telnet to port 1521 (or 1526, as the case may be) on your Oracle7 or
Oracle8 server through a packet-filtering firewall
2- Type GORF (or any of a wide variety of other strings -- see bugtraq from
late 1998) and press ENTER.
3- Observe that Oracle is now unresponsive to the network
Now try that through a full SQL*Net proxy.
(Note that this assumes that your Oracle server has not had a particular
vendor patch applied. This is probably a safe assumption, but in any case
consider the case of the *next* such vulnerability to be found.)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
