Re: ICMP pokes holes in firewalls...
From: by way of Lucio (hdm_at_digitaloffense.net)
Date: 09/26/03
- Previous message: Bob Johnson: "Re: Does VeriSign's SiteFinder service violate the ECPA?"
- Maybe in reply to: bugtraq_at_hackerfactor.com: "ICMP pokes holes in firewalls..."
- Next in thread: Darren Reed: "Re: ICMP pokes holes in firewalls..."
- Reply: Darren Reed: "Re: ICMP pokes holes in firewalls..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Sep 2003 11:54:57 +0000 To: bugtraq@securityfocus.com
Only if these systems are running kernel version 2.2, the 2.4 NAT system
has been rewritten and is not vulnerable.
On Friday 26 September 2003 04:55 am, Lucio wrote:
> > This also applies to Linux NAT gateways.
>
> I'm rellay not an expert in building a firewall with a Linux box, but
> I've tried twice and now I have two customers happy of their
> unexpensive Linux based firewall. These firewalls offer also NAT
> functionality to the respective LANs they protect and use iptables
> rules with stateful inspection to filter the packets. Both customers
> have a DNS in between the linux firewall and the ISP's router. Are they
> vulnerable to any of those attacks?
- Previous message: Bob Johnson: "Re: Does VeriSign's SiteFinder service violate the ECPA?"
- Maybe in reply to: bugtraq_at_hackerfactor.com: "ICMP pokes holes in firewalls..."
- Next in thread: Darren Reed: "Re: ICMP pokes holes in firewalls..."
- Reply: Darren Reed: "Re: ICMP pokes holes in firewalls..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
