Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Digital FW2.0 question

From: pd () netlanders net (Peter Dieth)
Date: Tue, 26 Nov 1996 21:59:22 +0100

Hi Netlanders,


today I snooped thru a "DEC FireWall for Unix 2.0" (Altavista) system
running under Digital Unix V3.2c and detected a questionable kernel
setup.


I used iprsetup (tool to display/modify kernel variables)

case 1: firewall activated
--------------------------

# iprsetup -f1                   # undocumented switch to enable fw setup

# iprsetup -d
ipforwarding = 1
ipgateway = 1
ipfirewall = 1
ipchkredirects = 1
ipsrcroute = 0


case 2: firewall deactivated
----------------------------

# iprsetup -r                    # reset values

# iprsetup -d
ipforwarding = 0
ipgateway = 0
ipfirewall = 0
...


Why does dec enable ipforwarding and ipgatewaying in a firewall
configuration with disabled "transparent proxies" ?

Is there a weakness in the screend or networking code regarding ip
frags ?
The box seems to get slower when sending many ip frags to it.


cu,
Peter

BTW: I could crash the system using the "win95ping" and made a dos
using syn atack.
---
 LIFE = A fatal condition caused by sexual contact
Previous By Date Next
Previous By Thread Next

Current thread: