Re: [ISN] Sudan Bank Hacked, Bin Laden Info Found - Hacker

From: InfoSec News (isnat_private)
Date: Mon Oct 01 2001 - 03:13:59 PDT

  • Next message: InfoSec News: "[ISN] Transportation agencies called vulnerable to cyberattacks"

    Forwarded from: Patrick Oonk <patrickat_private>
    On Sun, Sep 30, 2001 at 05:23:22AM -0500, InfoSec News wrote:
    > Forwarded from: Tim Slighter <timslighterat_private>
    > I read that story and I would like to have the glorious opportunity of
    > confronting the "so-called" hackers to find specifics on how exactly
    > they managed to bypass perimeter defense.  First off, what Financial
    > Institution would be stupid enough to place DNS on the same server as
    > the Firewall ? (especially if there was 50 Million of that guy's cash
    > there), Secondly, even if they had done something so stupid as placing
    > DNS on the Firewall, the only bypass vulnerability that Checkpoint
    > Firewall-1 has been known to have is the PASV FTP where a one way
    > connection could be exploited given very specific conditions.  
    > Assuming that they had gained access, then the initial claim that they
    > had "hacked" the DNS server would indicate that access was gained via
    > port 53 or a known exploit via DNS, this however, would not provide
    > them with any known exploits by which to bypass the Firewall.  The
    > more I research this and the more I think about it, that story has
    > more holes in it than Swiss Cheese.  What a HOAX !!
    Another thing someone pointed out at me: why would an Islamic bank in
    Sudan use the Israeli product Checkpoint Firewall-1 ?
     patrick oonk - pine internet - patrickat_private -
     T:+31-70-3111010 - F:+31-70-3111011 - Read news at 
     PGPID 155C3934  fp DD29 1787 8F49 51B8 4FDF  2F64 A65C 42AE 155C 3934
     Excuse of the day: We've picked COBOL as the language of
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 13:33:46 PDT