In some email I received from Daniel Hartmeier, sie wrote: [...] > And, yes, based solely on code inspection, I'm very confident that > IPFilter is vulnerable to this attack. Note, this statement: "code inspection". Not a code walk through or even an actual test. > If anyone fancies a little > competition, set up an ftp server behind an IPFilter firewall. Allow me > to connect to the ftp server (using passive mode, so the in-kernel ftp > proxy allows incoming ftp data connections). Setup a fake target, like > an echo "secret" inetd.conf entry, and absolutely filter any access to > that port on the firewall. If I can connect to that port and get the > secret, I win. How much are you betting? How much are you prepared to lose ? Darren _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Wed Oct 09 2002 - 17:56:57 PDT