While on the subject of Netscreens, v1.62 of the firmware is also susceptible to an attack identical to the session table flood described for Checkpoint-1 back in August. I've talked with Netscreen about this, and they will have fixes rolled out into the 1.64 release. They have patches availble now that they should give out on request. Dave McPike Link Consulting, Inc. dmcpikeat_private "I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." --Hippolyte Taine On Tue, 5 Oct 1999, Ash wrote: > Just for random value I will mention a change in the NetScreen line of > firewalls that occured in v1.62 of the firmware. > > They disabled the forwarding of non-IP traffic in transparent mode. > > Yes, prior to this, if operating as a transparent device, which was > the default and suggested configuration, the device would forward all > non-IP packets such as IPX from trusted to untrusted and such. > > -- > Ash <ashat_private> > > "Knowledge moves at the speed of light; molecules move at 600 miles per hour > with FedEx." > -- Bill Gross, referring to the Internet >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:06:54 PDT