----------
> From: Paul Sears <Paul_Searsat_private>
> To: BUGTRAQat_private
> Subject: Re: Firewall-1 Security Advisory
> Date: Monday, October 26, 1998 8:58 PM
>
> Diligence Risks wrote:
>
> > Diligence Security Advisory
> >
> > Issue: Checkpoint's Firewall-1 has a "feature" that can allow an external
> > intruder to pass through the firewall and attack machines, uninhibited, on
> > the protected side.
>
> -SNIP-
> This is documented in the administration guide and CCSE training
> classes also cover these.

According to Check Point sources this is undocumented. Having also read through the CCSE manuals the only thing close to a caveat I can find is the following (CCSA manual - Page 5-49 - Configuring Control Properties)

Begin Quote

Currently, the most common errors during implementation of Firewall-1 are made in the Control Properties. The reason for these errors are:

1) Misunderstanding the importance of direction when packets are inspected, and
2) Misunderstanding of how the Control Properties and the Rule Base Matching Order work together.

End Quote

So the closest thing to a warning comes not in the manuals that come with the software - but you have to pay to go on a course for this info. I may be wrong about this - if you know of any other place where this is documented please let me know.

Cheers,
David Litchfield
MCP+Internet Information Security Specialist