Bugtraq mailing list archives
Re: WatchGuard Firewall internal D.O.S
From: karl () MAXIM CA (Karl Stevens)
Date: Mon, 2 Nov 1998 12:15:30 -0700
Hello,

We've had a Watchguard (original) for some time now, and don't see the problem you describe.. perhaps it could be a configuration issue? Does it happen at other ports as well, or just DNS? - And do you have the 'outgoing' icon enabled? (if so, it could be what's causing the problem - try just allowing specific traffic, and exclude the firewall from the lists of allowed hosts)

FWIW, the Firebox (original, and probably II as well) is a low-end PC running Linux 2.0.3x.. (we built a backup for ours out of an old P100 and 3com NICs :) .. applying Linux know-how to the Firebox might save you some headaches..

TTUL
-Karl

ps. I agree that talking directly to Seattle Labs doesn't help much at first, try going through your dealer - SL is much more responsive to dealer inquiries than to end-users (it's the way they're structured... configuration problems are handled by the dealers, technical issues are handled by SL... since at first glance yours appears to be a configuration issue, they might have ignored it until it goes through proper channels..)

Who Wants To Live Forever ... wrote:
When we were testing a FireBox II (WatchGuard.. the red box) from the internet it filtered any attack, but when we probe it from the internal network (masquerade), it doesn't filter udp attacks; actually with a "pepsi" flood spoofed as localhost at the dns port, it goes down, and stays disarmed.

We don't know if machines at the "optional" interface stay completely vulnerable .. but it could be, we informed WatchGuard.com .. but they don't answer.

Matias Ruiz Patricio Laf.
www.miticos.cl