Bugtraq mailing list archives
Re: Firewall-1 Security Advisory
From: mnemonix () GLOBALNET CO UK (Mnemonix)
Date: Tue, 27 Oct 1998 09:47:36 -0000
----------
From: Paul Sears <Paul_Sears () NACM COM> To: BUGTRAQ () NETSPACE ORG Subject: Re: Firewall-1 Security Advisory Date: Monday, October 26, 1998 8:58 PM Diligence Risks wrote:Diligence Security Advisory Issue: Checkpoint's Firewall-1 has a "feature" that can allow an
external
intruder to pass through the firewall and attack machines, unihibited,
on
the protected side.
-SNIP-
This is documented in the administration guide and CCSE training classes also cover these.
According to Check Point sources this is undocumented. Having also read through the CCSE manuals the only thing close to a caveat I can find is the following (CCSA manual- Page 5-49 - Configuring Control Properties) Begin Quote Currently, the most common errors during implementation of Firewall-1 are made in the Control Properties. The reason for these errors are: 1) Misunderstanding the importance of direction when packets are inspected, and 2) Misunderstanding of how the Control Properties and the Rule Base Matching Order work together. End Quote So the closest thing to a warning, comes not in the manuals that come with the software - but you have to pay to go on a course for this info. I may be wrong about this - if you know of any other place where this is documented please let me know. Cheers, David Litchfield MCP+Internet Information Security Specialist
Current thread:
- Firewall-1 Security Advisory Diligence Risks (Oct 24)
- <Possible follow-ups>
- Re: Firewall-1 Security Advisory Paul Sears (Oct 26)
- Re: Firewall-1 Security Advisory Mnemonix (Oct 27)
- Sendmail, lynx, Netscape, sshd, Linux kernel (twice) Michal Zalewski (Sep 05)
- Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice) Nick Andrew (Oct 28)
- Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice) brian j. pardy (Oct 28)
- [L0pht Advisory] MacOS - FWB passwords easily bypassed Space Rogue (Oct 30)
- Re: Firewall-1 Security Advisory John Horn (Oct 28)
- rootshell hacked via ssh-1.2.26 Felix von Leitner (Oct 28)
- Sendmail, lynx, Netscape, sshd, Linux kernel (twice) Michal Zalewski (Sep 05)
- Re: Firewall-1 Security Advisory David S. Goldberg (Oct 27)
- Re: Firewall-1 Security Advisory Gary Gaskell (Oct 27)
- Re: Firewall-1 Security Advisory Ejovi Nuwere (Oct 29)
- Summary of Printer Sharing and M1CR0S0FT Windows98 Paul Leach (Oct 29)
- Re: Firewall-1 Security Advisory Gary Gaskell (Oct 27)
(Thread continues...)