On Mon, Dec 25, 2000, System1 wrote about "RE: ipchains":
> using ICQ remote attacker is able to make full port scan on networks behind
> the firewall.
> If ICQ gives people the ability to make scans of my servers that are behind
> firewall I dont want it here. its only troubles.
> as you can understand we are blocking ICQ not because the files option. (at
> least trying to block it)
>
> Moran.
Saying "its only troubles" is way too simplistic. Users are using it because
they need it, like it, or whatever, and as you noticed, will make various
attempts to circumvent your firewall to keep it going. To them, ICQ is not
trouble - to them _you_ are trouble :)
I'm curious - which part of ICQ allows an attacker to do port scans on machines
behind the firewall? Is this a feature (bug) of their client, or some basic
feature (bug) of they way the ICQ protocol works?
P.S. I'm also behind a firewall that doesn't let ICQ through. I have a simple
solution: log in to a "normal" machine outside the firewall (ssh is allowed
through), and run micq (a textual client). You can also try searching for
an ICQ application-proxy for your firewall (I don't know if one exists, though
writing one that works for the simple cases seems easy enough).
--
Nadav Har'El | Monday, Dec 25 2000, 28 Kislev 5761
[EMAIL PROTECTED] |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |My password is my dog's name. His name
http://nadav.harel.org.il |is a#j!4@h, but I change it every month.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
