Hi! I found a little weakness in SonicWall: I turn on the blocking mechanism for websites (e.g. www.google.com). Now I can't reach the website using the domainname. But if I choose the IP address of the host (e.g. http://216.239.53.101/), I can contact the forbidden website. The same issue I've discovered for NetGear FM114P in http://online.securityfocus.com/bid/5667 It would make sense if you can do an internal nslookup. Otherwise the user can do a workaround and adding always the ip address(es) of the blocked websites. But this can cause some problems if there were some virtual hostings. A smart attacker can use some dottless-ips to bypass the new workaround IP filter. The box will sadly loose performance because of the additional filter line(s). My description was sent on 02/10/15 to infoat_private - No response came back. The blocking URL message style and problem reminds my the website blocking mechanism by NetGears FM114P. It could be that both use the same mechanism (by a 3rd party?). So, if the bug is fixed for one box the other will also be fixed - I think so. Bye, Marc -- Computer, Technik und Security http://www.computec.ch
This archive was generated by hypermail 2b30 : Tue Oct 29 2002 - 14:47:09 PST