Andrew Suffield wrote:
> On Thu, May 31, 2007 at 04:02:47PM -0400, Family Heritage Books wrote:
>> Recently I ran across an article in eweek
>> http://www.eweek.com/article2/0,1895,2130397,00.asp?kc=EWKNLEDP051607B
>> basically saying that there is a serious security hole affecting
>> virtually every major firewall and intrusion prevention system available.
>> It seems to involve a network evasion technique that uses full-width and
>> half-width unicode characters to allow malware to evade detection by an
>> IPS or firewall.
>>
>> Does anyone know if this is an issue that affects Shorewall.
>
> The article's a load of nonsense. This is neither a new problem
> (Schneier raised it in 2000, that's probably the first widely known
> instance of it) nor a problem affecting firewalls. Unicode is a
> security disaster area, but it's got nothing to do with shorewall.
> ...
> Lousy bit of journalism. Most of it is fiction.

The CERT article they link to makes a lot more sense, and also makes it
clear that it's HTTP content scanning systems that are affected, not
packet filters:
http://www.kb.cert.org/vuls/id/739224
--
Paul
<http://paulgear.webhop.net>
--
Did you know? Microsoft Internet Explorer and Outlook have a poor track
record for security <http://www.kb.cert.org/vuls/id/713878>. Why not
try one of the more secure alternatives from <http://mozilla.org>?
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
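
An added example, not part of the original thread or of any product discussed in it: a sketch of why the issue belongs to HTTP content scanners rather than packet filters. A scanner that matches signatures against payload text as received misses full-width forms unless it canonicalizes first. The signature list and sample requests are constructed, and NFKC folding is one assumed way to canonicalize, not the fix any vendor shipped.

```python
import unicodedata
from urllib.parse import unquote

# Constructed, hypothetical signature list for a content scanner.
SIGNATURES = ("<script",)


def naive_match(payload: str) -> list[str]:
    """Match signatures against the payload exactly as received."""
    lowered = payload.lower()
    return [sig for sig in SIGNATURES if sig in lowered]


def canonicalize(payload: str) -> str:
    """Percent-decode, then apply NFKC so full-width and half-width
    compatibility forms collapse to the characters signatures use."""
    decoded = unquote(payload, encoding="utf-8", errors="replace")
    return unicodedata.normalize("NFKC", decoded).casefold()


def normalized_match(payload: str) -> list[str]:
    """Match signatures against the canonical form of the payload."""
    canon = canonicalize(payload)
    return [sig for sig in SIGNATURES if sig in canon]


def width_variants(payload: str) -> int:
    """Count decoded characters classed as Fullwidth (F) or Halfwidth (H).
    A non-zero count in a URL or header is worth logging on its own."""
    decoded = unquote(payload, encoding="utf-8", errors="replace")
    return sum(
        1 for ch in decoded if unicodedata.east_asian_width(ch) in ("F", "H")
    )


if __name__ == "__main__":
    # Constructed sample query strings, not captured traffic.
    samples = [
        "q=<script>",                 # plain ASCII
        "q=\uff1cscript\uff1e",       # full-width angle brackets
        "q=%EF%BC%9Cscript%EF%BC%9E", # same, percent-encoded UTF-8
    ]
    for s in samples:
        print(repr(s), naive_match(s), normalized_match(s), width_variants(s))
```

A packet filter such as Shorewall never inspects this text at all, which is the distinction the reply above draws.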
