Bugtraq mailing list archives
Re: Ambiguities in TCP/IP - firewall bypassing
From: daw () mozart cs berkeley edu (David Wagner)
Date: 19 Oct 2002 00:18:50 GMT
Paul Starzetz wrote:
> We believe that the flaws we have detected have a big impact on design of firewalls and packet filters since an improper implementation can easily lead to serious security problems.
Is there any reason to expect that such improper implementation would be common? As far as I know, the common case is packet filters that look at only the ACK and SYN bits. A typical configuration: All incoming packets with the ACK bit set are allowed, as are all outgoing packets. The anomalies you found don't seem to pose any problems for such a style of configuration. Are you aware of any common configurations that are at risk?