[10047] in bugtraq
Re: Possible security hole
daemon@ATHENA.MIT.EDU (Warren Barrow)
Tue Mar 30 23:12:35 1999
Date: Mon, 29 Mar 1999 13:11:11 -0500
Reply-To: Warren Barrow <wbarrow@LOCKED.COM>
From: Warren Barrow <wbarrow@LOCKED.COM>
X-To: lincoln@hotlink.com.br
To: BUGTRAQ@NETSPACE.ORG
It is quite possible that -any- firewall may be incorrectly configured. I
would have to say that a good portion of firewalls are running in
production mode with incorrect configurations. If you read -further- into
the FW-1 documentation it states that it is highly advisable to enable
"control ip forwarding at boot". With this option enabled, fw-1 will
make sure the interface does not come up until the security policy is
loaded and in place.
If you are running firewall-1 v3.0b, it is time to upgrade... 4.0 is out
and has many a fix added.
-Warren Barrow/CCSE
At 08:09 AM 3/29/99 -0300, you wrote:
>Quoting Christoforos Karatzinis <chka@SOLUTIONS.IE>:
>
>Hi,
> The FW1 documentation clearly states that there is
>a small delay after the interface initializes and the
>FW starts acting on it. It is possible to do something
>"bad" to it in this period...
>
>Regards,
>Cristiano Lincoln Mattos
>Recife / Brazil
>
>> The first 25 packets were lost before the interface's initialization. The
>> packets with sequence number greater than 34 are dropped from the firewall.
>> What about the packets with sequence number 25-34? Is it possible that
>> someone can use this time (after the interface's initialization and before
>> the firewall's initialization) to do something bad?
>>
>> Regards,
>> Christofer
>
>