Well, I haven't tested it, but if STN does not block against IP spoofing
attacks then you have a potential vulnerability whenever there are rules
based on source address alone.
A potential example (but not likely) is that if the web admin portion of STN
is set to internal only then an external user could 'spoof' an internal IP
address and set a web request/or modification of the STN box from the
Internet - if he knew the username/password of course.
The other security issues that I am aware of with STN are:
- VERY old version of BIND/NAMED (DNS) that is easily crashable - a
reboot is currently required to fix this.
- From memory, the HTTPD server (THTTPD) that is used for web admin has a
vulnerability.
The REALLY nice thing I would like to see with STN is logging of dropped
packets so you can SEE when someone is hacking/scanning you.
Thanks
Shaun Moran
Security Engineer
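
The source-address-only rule described at the top of this reply, next to an interface-aware check that also logs what it drops, as an added example that is not part of the original thread and not STN's own code. The interface names, the 192.168.1.0/24 range, the admin port and all function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Assumed topology (not from the thread): eth0 faces the Internet, eth1 the LAN.
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")
EXTERNAL_IF, INTERNAL_IF = "eth0", "eth1"
ADMIN_PORT = 80  # assumed port of the gateway's web admin page


@dataclass(frozen=True)
class Packet:
    in_iface: str  # interface the packet arrived on
    src: str       # source address claimed in the IP header
    dport: int


def source_only_rule(pkt):
    """Weak form: admin access is decided by the claimed source address alone."""
    return pkt.dport == ADMIN_PORT and ipaddress.ip_address(pkt.src) in INTERNAL_NET


def ingress_filtered_rule(pkt, drop_log):
    """Hardened form: an internal source is only believed on the internal interface."""
    src_internal = ipaddress.ip_address(pkt.src) in INTERNAL_NET
    if pkt.in_iface == EXTERNAL_IF and src_internal:
        # An internal address can never legitimately arrive from the Internet side.
        drop_log.append(f"DROP spoof in={pkt.in_iface} src={pkt.src} dport={pkt.dport}")
        return False
    if pkt.dport == ADMIN_PORT and pkt.in_iface == INTERNAL_IF and src_internal:
        return True
    drop_log.append(f"DROP policy in={pkt.in_iface} src={pkt.src} dport={pkt.dport}")
    return False


def evaluate(packets):
    """Return (weak_verdict, hardened_verdict) per packet plus the drop log."""
    drop_log = []
    verdicts = [(source_only_rule(p), ingress_filtered_rule(p, drop_log)) for p in packets]
    return verdicts, drop_log


# Constructed sample traffic, not captured from a real STN box.
SAMPLE = [
    Packet("eth1", "192.168.1.10", 80),  # genuine LAN host reaching web admin
    Packet("eth0", "192.168.1.10", 80),  # internal source seen on the external side
    Packet("eth0", "203.0.113.7", 80),   # ordinary Internet host
]

if __name__ == "__main__":
    verdicts, log = evaluate(SAMPLE)
    for pkt, (weak, hard) in zip(SAMPLE, verdicts):
        print(pkt, "source-only:", weak, "ingress-filtered:", hard)
    print("\n".join(log))
```

The drop log is the kind of record the message asks for: each rejected packet is written with its arrival interface, claimed source and destination port.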
----- Original Message -----
From: "Richard G. Samuels" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 07, 2000 9:22 AM
Subject: Re: [ShareTheNet] Woo Woo! Good Stuff about STN
> I had a customer buy an $800 "firewall" box based on the salesman's
> representation that NAT devices like STN are not secure because an
> intruder can spoof an internal IP address. I asked him if he knew the
> difference between a used car salesman and a computer salesman. (There
> are two answers: 1. The used car salesman knows when he's lying. 2.
> About 2 weeks.).
>
> Is there any conceivable way this could be done?
>
> john burton wrote:
> >
> > I posted my results of 'nmap' some time back. Showed 25 (smtp) 80
> > (http) and 53 (nameserver) open here; all of which were expected.
> >
> > STN does do well as a firewall!
> >
> > --==jb==--
> >
> > --
> > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > john burton
> > Midwest City, Oklahoma
> >
> > -----Original Message-----
> > From: Gavin Delaney [SMTP:[EMAIL PROTECTED]]
> > Sent: Sunday, August 06, 2000 13:47
> > To: [EMAIL PROTECTED]
> > Subject: [ShareTheNet] Woo Woo! Good Stuff about STN
> >
> > A friend of mine who works as a "Security Consultant" and programmer for
> > a local e-company decided to try to have some fun with me and ran a few
> > of his testing proggies like nessus on me. He was *very* surprised that
> > I seemed nearly impregnable!!!
> >
> > Let's hear it for STN! :)
> >
> > Gavin Delaney
> >
> > --
> > Visit http://www.ShareTheNet.com for info about ShareTheNet
> > Visit http://www.topica.com/lists/sharethenet for info about this list
> > ___________________________________________________________
> > T O P I C A The Email You Want. http://www.topica.com/t/16
> > Newsletters, Tips and Discussions on Your Favorite Topics