Re: NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)

From: Colin Campbell (sgcccdcat_private)
Date: Thu Feb 28 2002 - 18:57:48 PST


    Hi,
    
    It is (or at least I thought it was) well known that an http-gw in both
    Gauntlet and the fwtk should NEVER listen on the external address. On a
    Gauntlet system use the bind-address directive to make sure it doesn't
    listen. To be doubly sure set up the appropriate packet filters to stop
    incoming connections. On a fwtk system I don't recall the bind-address
    directive being present so I always used packet filters to block incoming
    connections.
    
    If you must "reverse proxy", use plug-gw. Better still put a proxy outside
    the firewall and plug it through the firewall to the real server.
    
    On Thu, 28 Feb 2002, Rashed Alabbar wrote:
    
    > Hi all,
    >
    >     I found some vulnerabilities on the NAI Gauntlet Firewall 5.5 on NT
    > 4. These vulnerabilities were found in other firewalls, specifically
    > proxy firewalls, and I tried them on the Gauntlet, it worked.
    >
    
    Colin
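
One way to check the binding advice in the message above, as an added example that is not part of the original post or of either product: parse `netstat -an` output on the firewall host and flag any listener on the proxy port that is bound to a wildcard or non-internal address. The port 8080, all addresses, the sample output and the function names are constructed assumptions.

```python
# Added example: audit `netstat -an` output for a proxy listener that is
# reachable on the external interface. Port and addresses are constructed.

# Constructed sample in the Windows `netstat -an` layout.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING
  TCP    192.168.1.1:8080       0.0.0.0:0              LISTENING
  TCP    203.0.113.10:8080      0.0.0.0:0              LISTENING
  TCP    192.168.1.1:25         0.0.0.0:0              LISTENING
  TCP    192.168.1.1:8080       192.168.1.57:1042      ESTABLISHED
  UDP    0.0.0.0:8080           *:*
"""

# Bind addresses that mean "every interface", external one included.
WILDCARDS = {"0.0.0.0", "*", "::", "[::]"}


def listening_sockets(netstat_text):
    """Yield (address, port) for every TCP socket in a listening state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].upper().startswith("TCP"):
            continue  # header, UDP, or malformed line
        if not fields[-1].upper().startswith("LISTEN"):
            continue  # established or closing connection, not a listener
        # Windows prints the local address in column 2, Linux in column 4.
        local = fields[1] if len(fields) == 4 else fields[3]
        addr, _, port = local.rpartition(":")
        if port.isdigit():
            yield addr, int(port)


def exposed_listeners(netstat_text, proxy_port, internal_addrs):
    """Return proxy listeners bound to anything but an internal address."""
    findings = []
    for addr, port in listening_sockets(netstat_text):
        if port != proxy_port:
            continue
        if addr in WILDCARDS:
            findings.append((addr, port, "wildcard bind includes the external interface"))
        elif addr not in internal_addrs:
            findings.append((addr, port, "bound to a non-internal address"))
    return findings


if __name__ == "__main__":
    for finding in exposed_listeners(SAMPLE_NETSTAT, 8080, {"192.168.1.1"}):
        print("EXPOSED %s:%d (%s)" % finding)
```

A clean result only shows how the proxy is bound; the packet filters the message recommends are a separate control and need their own check.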
    


