Forwarded from: Patrick Oonk <patrickat_private> On Sun, Sep 30, 2001 at 05:23:22AM -0500, InfoSec News wrote: > Forwarded from: Tim Slighter <timslighterat_private> > > I read that story and I would like to have the glorious opportunity of > confronting the "so-called" hackers to find specifics on how exactly > they managed to bypass perimeter defense. First off, what Financial > Institution would be stupid enough to place DNS on the same server as > the Firewall ? (especially if there was 50 Million of that guy's cash > there), Secondly, even if they had done something so stupid as placing > DNS on the Firewall, the only bypass vulnerability that Checkpoint > Firewall-1 has been known to have is the PASV FTP where a one way > connection could be exploited given very specific conditions. > Assuming that they had gained access, then the initial claim that they > had "hacked" the DNS server would indicate that access was gained via > port 53 or a known exploit via DNS, this however, would not provide > them with any known exploits by which to bypass the Firewall. The > more I research this and the more I think about it, that story has > more holes in it than Swiss Cheese. What a HOAX !! Another thing someone pointed out at me: why would an Islamic bank in Sudan use the Israeli product Checkpoint Firewall-1 ? Patrick -- patrick oonk - pine internet - patrickat_private - www.pine.nl/~patrick T:+31-70-3111010 - F:+31-70-3111011 - Read news at http://security.nl PGPID 155C3934 fp DD29 1787 8F49 51B8 4FDF 2F64 A65C 42AE 155C 3934 Excuse of the day: We've picked COBOL as the language of choice. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 13:33:46 PDT