Re: Possible Kerio Vulnerability Workaround

From: Kerodo (loopback_at_localhost.com)
Date: 03/07/05

  • Next message: Duane Arnold: "Re: Are there any firewall software that block programs from running?"
    Date: Sun, 6 Mar 2005 19:48:41 -0800
    
    

    On Mon, 07 Mar 2005 03:10:37 GMT, mhicaoidh wrote:

    > Taking a moment's reflection, Hassan I Sahba mused:
    >|
    >| This flaw was public in 1999 and affected many firewalls. Everyone but
    >| Tiny/Kerio fixed the problem. I've only verified that Tiny/Kerio are
    >| still vulnerable.
    >
    > That's not anywhere near being accurate. Kerio *did* fix it in version
    > 4. Kerio 2.x has been discontinued for a very long time ... they aren't
    > going to fix what is no longer being developed. I still use 2.1.4, but I
    > don't understand why so many people get so up in arms over a security hole
    > discovered in a piece of software that has been discontinued for years.

    Mostly fear I suspect. I think most people have concluded that nothing
    harmful can happen as a result of it. A few frag'd packets may slip thru,
    but any response to them will be blocked by Kerio, so what's the problem?
    I don't see how any harm can come from it. But maybe I'm missing
    something?

    -- 
    Kerodo
    

  • Next message: Duane Arnold: "Re: Are there any firewall software that block programs from running?"

    Relevant Pages

    • RE: Routers, Switches, and Firewall testing
      ... We have been using the ISIC tool suite. ... random packets of the target protocol. ... specify the source and destination port along with the IP. ... While the test above is not "realistic" as firewalls generally do not recive ...
      (Pen-Test)
    • Re: Stateful Inspection
      ... >> A stateful firewall can inspect the contents of the packets as well. ... > VisNetic Firewall falls into a class of firewalls called Stateful ... Stateful inspection firewalls overcome the ...
      (comp.security.firewalls)
    • Re: Stateful Inspection
      ... >> A stateful firewall can inspect the contents of the packets as well. ... > VisNetic Firewall falls into a class of firewalls called Stateful ... Stateful inspection firewalls overcome the ...
      (comp.security.firewalls)
    • Re: Stateful Inspection
      ... > A stateful firewall can inspect the contents of the packets as well. ... Stateful Packet Inspection ... VisNetic Firewall falls into a class of firewalls called Stateful ... Stateful inspection firewalls overcome the ...
      (comp.security.firewalls)
    • Re: Stateful Inspection
      ... > A stateful firewall can inspect the contents of the packets as well. ... Stateful Packet Inspection ... VisNetic Firewall falls into a class of firewalls called Stateful ... Stateful inspection firewalls overcome the ...
      (comp.security.firewalls)