-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On September 4th, a message was posted to Bugtraq describing a potential problem with the WatchGuard Firebox default configuration file. The poster, Sr. Alfonso Lazaro stated that, by default, the WatchGuard Firebox allowed ping traffic from any interface to any interface. When the WatchGuard Rapid Response Team saw the post, we began trying both to contact Sr. Lazaro and to verify his observations. We reviewed our source code and currently shipping versions of the default configuration file as well as code and files several generations back. To date, we have been unsuccessful contacting Sr. Lazaro. We completed our review of the relevant files and code and were unable to locate anything to support the observations Sr. Lazaro described in his post. In the absence of any further information from Sr. Lazaro, we believe that his report of a vulnerability in Firebox default configuration files is in error. Steve Fallin Sr. Network Security Analyst WatchGuard Technologies -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.0.2 iQA/AwUBN91hnU3Vi9lbkWzpEQKTjwCg6BdeU2WWGcnFGFJZcdJrq+Q/K/kAn1js GUk8UKaWrlmx/yp7b7sDqEH8 =n2LT -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:53 PDT