hi,

what about this hole concerning the verbosity of firewalls that the German TUV 
discovered and disclosed at Las Vegas Black Hat?
While I just finished patching my fw1 to 4.1 sp2, I started playing with the TUV 
tools, and if it was correct for authentication bypassing (fwa1 weakness is 
patched), I was really surprised to discover that all my firewalls, those 
with 4.1 sp2 included, were always pleased to give the whole world their 
interface IP addresses, naturally private ones too.
I understood the origin of that in the TUV paper, but is it really impossible to 
fix this problem, compatibility reasons?
Is Checkpoint working on it?
Another point hurt my curiosity: why does fw-1 trust an IP address inside a TCP 
data payload instead of inside TCP headers? When u use the fw TUV tools, u can 
choose whatever IP address u want because this IP is placed inside the payload 
and is not really routed through the Internet.
eg #fwfwa target 127.0.0.1
???

Thanx
Gregory Duchemin








================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
