Re: Raptor firewall 6.1 port 80

• Previous message: H Carvey: "Re: PWDUMP Parser"
• Maybe in reply to: Martin S: "Raptor firewall 6.1 port 80"
• Next in thread: Kroma Pierre: "Re: Raptor firewall 6.1 port 80"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Jerry Shenk" <jshenk@decommunications.com>
Date: Mon, 05 Jul 2004 15:24:54 -0400

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Jerry" == Jerry Shenk <jshenk@decommunications.com> writes:
    Jerry> One feature with a Raptor firewall is that they seems to respond
    Jerry> affirmatively to tons of stuff. For example, a portscan on
    Jerry> pen-tests
    Jerry> that I've done have shown lots of ports being open that
    Jerry> really weren't.

  Due to the way that Raptor, Borderware and Milkyway BlackHole
firewalls work, they actually listen on all ports.
  This is due to technical issues, but it also has a feature that it
provides a total false positive answer to scanners.

  All three were designed around 1994, when SYN floods were still a
future problem. (I am the designer of BlackHole 2.x)

- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

  
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQOmrBIqHRg3pndX9AQEuLwP+NszQDC59A+jAB8bYFCnjFHZcX7SbGbUh
brvdOEDQbQmBT68aG9JlVi0IbzX6+yoDjMjEJ/bN20P2yRyd6XcyDbcwRf51VQVC
W0nWKGFQHy0Hc2AvPqQM3dP5eymb/pPWs3vQKY3zSaNYFoXViotG3ptEJjBkHbcJ
XQLmj/nhoVc=
=5GCH
-----END PGP SIGNATURE-----

• Previous message: H Carvey: "Re: PWDUMP Parser"
• Maybe in reply to: Martin S: "Raptor firewall 6.1 port 80"
• Next in thread: Kroma Pierre: "Re: Raptor firewall 6.1 port 80"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]