Firewall Wizards mailing list archives
Re: Buffer Overruns
From: Michael Kelly <michaelkelley () home com>
Date: Sun, 19 Dec 1999 01:43:29 -0500
Crispin Cowan wrote:
Michael Kelly wrote:I really feel silly asking this, but; Can these buffer overrun bugs penetrate firewalls?It's highly circumstantial. It depends on: * Where the buffer overflow attack needs to go. Is it just an URL? A tag in an HTML file? A tag in an RTF file? Etc. * What kind of firewall you're using. They go through packet filters like water through a sieve. They *might* be stopped by a proxy filter, depending on what the proxy is looking for.
We've got 2 PIX firewalls. One active, one as a redundancy. We don't have a proxy server running at the moment and we don't have any definite plans to put one online. (Although it's my understanding that in about a year, we may be moving our apps off of the DEC and putting them on Compaqs. I'm trying to talk them into putting squid on the DEC because in a year we'll have more offices using using our gateway.)
I'm trying to convince the boss to ditch IE in favor of Netscape. (which is only slightly better)I don't see a huge difference right now. When Mozilla goes beta, I'll probably StackGuard it for Linux.
Any news good or bad about Opera? We have to ditch IE now according to our customer. There are some bugs on the customers website that show up when you use IE. I'm thinking about trying Opera out for the hell of it. PS to the list members; Thanks for the responses, I've read them all. I didn't have the opportunity to thank everyone who responded to me. -- Ignorantque datos, ne quisquam serviat, enses. Lucanus (A.D. 39-65), De Bello Civili michaelkelley () home com
Current thread:
- Buffer Overruns Michael Kelly (Dec 17)
- Re: Buffer Overruns Joseph S D Yao (Dec 18)
- Re: Buffer Overruns Marcus J. Ranum (Dec 18)
- Re: Buffer Overruns Crispin Cowan (Dec 18)
- Re: Buffer Overruns Michael Kelly (Dec 20)
- Re: Buffer Overruns Matt Curtin (Dec 18)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- RE: Buffer Overruns Michael D. Hunter-Linville (Dec 21)
- Re: Buffer Overruns Saravana Ram (Dec 24)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- <Possible follow-ups>
- Re: Buffer Overruns Ryan Russell (Dec 18)
- Re: Buffer Overruns Steven M. Bellovin (Dec 18)
- Re: Buffer Overruns Vin McLellan (Dec 20)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)
- OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Lim Wei Siong Vincent (Dec 22)
- Re: OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Joseph S D Yao (Dec 23)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)