RE: Authentication Vulnerability in NetScreen ScreenOS
From: Brian Soby (tmpbox5_at_hotmail.com)
Date: 06/26/03
- Previous message: KF: "Re: OptiSwitch remote root compromise"
- Maybe in reply to: HedgeHog: "Authentication Vulnerability in NetScreen ScreenOS"
- Next in thread: Hugo van der Kooij: "RE: Authentication Vulnerability in NetScreen ScreenOS"
- Reply: Hugo van der Kooij: "RE: Authentication Vulnerability in NetScreen ScreenOS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: bugtraq@securityfocus.com Date: Thu, 26 Jun 2003 17:37:53 +0000
>However, after a user is authenticated, anyone else may also access the
>protected services if they orginate from the same source IP address (NAT'd
>network). The authentication mechanism is designed to authenticate based on
>source-ip address only.
Most firewalls track authenticated users based on the client's source IP
address. If you need a stronger method, you could always use the Netscreen
Remote client software and require a secure tunnel from the clients to get
to your protected resources.
-Brian Soby
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
- Previous message: KF: "Re: OptiSwitch remote root compromise"
- Maybe in reply to: HedgeHog: "Authentication Vulnerability in NetScreen ScreenOS"
- Next in thread: Hugo van der Kooij: "RE: Authentication Vulnerability in NetScreen ScreenOS"
- Reply: Hugo van der Kooij: "RE: Authentication Vulnerability in NetScreen ScreenOS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
