Re: Default configuration in WatchGuard Firewall

From: Pavel Kankovsky (peakat_private)
Date: Sun Sep 05 1999 - 04:07:58 PDT


    On Thu, 2 Sep 1999, Alfonso Lazaro wrote:
    
    > 	So if our firebox is defending our internal network ( 192.168.x.x ... )
    > and our WG Firewall is a proxy with an external ip in internet ( 100.100.100.100 hypothetical ip address ) the attacker can change his/her routes like so :
    >
    > 	# route add -net 192.168.0.0 netmask 255.255.255.0 gw 100.100.100.100
    
    I am afraid this will work only if either of these conditions is true:
    1. the attacker is connected directly to the firebox's external interface
    2. the attacker's OS will source route such packets and every intermediate
       router will honor the specified source routing
    
    --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
    "Resistance is futile. Open your source code and prepare for assimilation."
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:42 PDT