In some email I received from Daniel Hartmeier, sie wrote: [...] > Mikael, can you recommend a suitable OS and ftp daemon combination that > allows testing (the ftp server has commands that quote queries in the > needed way and the OS' stack does partial retransmissions)? Tell me what fool would agree to this setup ? This is like a "Watch me tunnel IP packets over DNS and show you how your firewall does not stop me hack internal boxes" where someone gets to pick the DNS server on the inside and outside. Pick a vendor's distribution that you think will work. That brings me to another point, that was sorely missed in all the public material I've seen so far, except maybe by Sun (and in the wrong way) and that is you need a very special ftp daemon (i.e. not any of the vendor ones I have tried) before it will stand a chance of defeating IPFilter. Darren _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Thu Oct 10 2002 - 12:11:14 PDT