Today GTA performed a number of tests to validate the problem Andrew Batson identified. We have confirmed that there is a problem; however, I doubt it impacts most commercial customers. The problem is not an exploit and does not compromise the firewall.
This issue only affects GNAT Box System Software 3.3.0.

Problem

Creation of a virtual crack for certain special application protocols causes a kernel panic and crashes the firewall. (Typically the firewall reboots.) This problem is caused when certain applications attempt to access a remote network (Internet) from the PSN or PRO networks.

Applications that cause this problem are:

1. Gaming software from Blizzard that accesses Battlenet (WarCraft, StarCraft, etc.).
2. The X-Windows XDM protocol, when accessing a server external to the firewall which provides an XDM login.
3. CuSeeMe.

Impact

1. Minimal for most commercial users.
2. Users of Battlenet are affected.
3. X-Windows users who access remote systems via the XDM login facility.
4. CuSeeMe users are affected.

Remedy

The current remedy for system 3.3.0 is to create outbound filters that block the use of these protocols.

1. BattleNet: Add an outbound filter which blocks destination port 6112 for TCP.
2. XDM: Add an outbound filter which blocks destination port 177 for UDP.
3. CuSeeMe: Add an outbound filter which blocks destination ports 7648, 7649 TCP and 7648, 7649, 24032 UDP.

This problem will be officially remedied in the next patch release of system software 3.3 (3.3.1).

Alternative Solution

1. Use system 3.2.5 if the affected applications are required.

Paul
