[12229] in bugtraq


Re: BUG: Win NT TCP/IP Security filters does not get enforced

daemon@ATHENA.MIT.EDU (David LeBlanc)
Tue Oct 12 18:36:41 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id:  <3.0.3.32.19991012103354.043b15f0@mail.mindspring.com>
Date:         Tue, 12 Oct 1999 10:33:54 -0700
Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
From: David LeBlanc <dleblanc@MINDSPRING.COM>
X-To:         Stefan Norberg <stnor@SWEDEN.HP.COM>, BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <000a01bf1322$63e06790$0500000a@hermes>

At 03:21 PM 10/10/99 +0200, Stefan Norberg wrote:

>However, I still consider it a bug. The GUI is misleading. If I configure
>the TCP/IP security using the GUI to "Permit *only* IP protocols: 6 (TCP)".
>Then EVERYTHING including ICMP and UDP (regardless of other settings) should
>be denied and NT should send an ICMP unreachable.

The GUI could definitely be improved - here's the deal - the protocol box
allows you to regulate any protocols except TCP, UDP and ICMP.  The other 2
boxes regulate TCP and UDP respectively - the protocol box won't control
them.  Note that ICMP isn't controlled by this dialog at all.  IMHO, the
online help could also be improved - none of these details are in the
online help.  Also note that this dialog controls _incoming_ packets only -
outgoing packets are _not_ regulated.  IIRC, frags are filtered after
re-assembly.

Hope this helps.


David LeBlanc
dleblanc@mindspring.com
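
Added example, not part of the message above and not Windows NT code: a small Python model of the inbound filter behaviour the message describes, showing what still passes under the "Permit only IP protocols: 6" setting from the quoted text. The names FilterConfig, filter_packet and unfiltered_inbound are hypothetical, and treating an unset box as "permit all" is an assumption.

```python
# Model of the filter semantics described in the message (illustration only).
from dataclasses import dataclass
from typing import Optional, Set

ICMP, TCP, UDP = 1, 6, 17  # IANA IP protocol numbers


@dataclass
class FilterConfig:
    # Assumption: None models a box left at "permit all";
    # a set models "permit only" the listed values.
    tcp_ports: Optional[Set[int]] = None
    udp_ports: Optional[Set[int]] = None
    ip_protocols: Optional[Set[int]] = None


def _permits(allowed, value):
    return allowed is None or value in allowed


def filter_packet(cfg, direction, protocol, dst_port=None):
    """Return True if a datagram passes. Call it on the reassembled
    datagram: per the message, fragments are filtered after reassembly."""
    if direction == "out":
        return True  # outgoing packets are not regulated
    if protocol == ICMP:
        return True  # ICMP is not controlled by the dialog at all
    if protocol == TCP:
        return _permits(cfg.tcp_ports, dst_port)  # TCP box only
    if protocol == UDP:
        return _permits(cfg.udp_ports, dst_port)  # UDP box only
    return _permits(cfg.ip_protocols, protocol)   # protocol box: the rest


def unfiltered_inbound(cfg):
    """List the inbound traffic classes this configuration never restricts."""
    open_classes = ["ICMP"]  # always open as far as this dialog is concerned
    if cfg.tcp_ports is None:
        open_classes.append("TCP")
    if cfg.udp_ports is None:
        open_classes.append("UDP")
    if cfg.ip_protocols is None:
        open_classes.append("other IP protocols")
    return open_classes


if __name__ == "__main__":
    # Constructed sample: only the protocol box is set, to 6 (TCP).
    cfg = FilterConfig(ip_protocols={TCP})
    print(unfiltered_inbound(cfg))            # what the setting leaves open
    print(filter_packet(cfg, "in", UDP, 53))  # UDP is decided by the UDP box
```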
