[11966] in bugtraq
Re: NAI Security Advisory - Windows IP source routing
daemon@ATHENA.MIT.EDU (Eric D. Williams)
Wed Sep 22 15:00:22 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <01BF04E0.1AD4C3C0.eric@infobro.com>
Date: Wed, 22 Sep 1999 09:51:47 -0400
Reply-To: "Eric D. Williams" <eric@INFOBRO.COM>
From: "Eric D. Williams" <eric@INFOBRO.COM>
X-To: "BUGTRAQ@SECURITYFOCUS.COM" <BUGTRAQ@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Logically speaking I would think, unless the stack has been modified (read
replaced)
with an implementation other than MS's then that system would also be
vulnerable.
In the case of packet filtering however, it would seem to be mitigated by the
destination address
entries in the filtering setup. So, perhaps filtering would not be vulnerable
if configured correctly.
Eric
Eric Williams, Pres.
Information Brokers, Inc. Phone: +1 202.889.4395
http://www.infobro.com/ Fax: +1 202.889.4396
mailto:eric@infobro.com
For More Info: info@infobro.com
On Tuesday, September 21, 1999 3:34 AM, Holger Heimann [SMTP:hh@IT-SEC.DE]
wrote:
> > Windows TCP/IP stacks configured to disable IP forwarding or IP
> > source routing, allow specific source routed datagrams to route
> > between interfaces. Effectively, the Windows TCP/IP stack can
> > not be configured to disable IP datagrams passing between
> > networks if two network cards have been installed.
>
> Any knowledge whether Firewall/Packet-Filtering Products based on the
> Windows TCP/IP stack are concerned and under what circumstances?
>
> thanks, hh
