Penetration Testing mailing list archives
Re: Raptor Firewall
From: "bluefur0r bluefur0r" <bluefur0r () drea ms>
Date: 10 Dec 2001 18:25:28 -0000
Is there by anychance any cisco gear in front of the raptor? I fell into the same scenario a while back where the cisco was the actual problem and not the FW-1. If you have mapped the public ip's I suggest looking for one. Just a thought... ( i had to slow my scans down to the polite setting.. yikes was that slow.) blue
On Thursday 06 December 2001 06:06 pm, Stuart wrote:We've run a pentest against a customer recently and found that the very act of port scanning their Raptor firewall (running on NT) crippled its ability to accept incoming connections for their web site. The firewall is a new high spec PIII and the least line is a decent size. The nmap scans were standard timing (not T5 or anything daft) - once the scans were stopped, things burst back in to life within about 10minutes.[ snip ]Does this ring any bells with anyone? Seems very odd to me... a portscan should not cause a DOS by itself...
================================================================= Kies een origineel e-mailadres op www.emails.nl ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Raptor Firewall Lambott (Dec 10)
- <Possible follow-ups>
- Re: Raptor Firewall bluefur0r bluefur0r (Dec 10)