Re: [fw-wiz] Variations of firewall ruleset bypass via FTP

From: Darren Reed (darrenrat_private)
Date: Fri Oct 11 2002 - 22:57:37 PDT


    In some email I received from Paul Robertson, sie wrote:
    > On Sat, 12 Oct 2002, Darren Reed wrote:
    > 
    > > This deserves more treatment than I have given it because I'm
    > > sure it is a reflection of an attitude people form when they
    > > have no understanding of roles and responsibilities people have,
    > > never mind what "software engineering" is, beyond a simple "hack
    > > on it" mentality.
    > 
    > I think you're taking it more personally than you should[1], let me see if 
    > I can take a less inflammatory stance...
    > 
    > > So your reading, of my saying meaning the "someone else" to be the
    > > users is quite incorrect.  What I said was, literally, quite correct.
    > 
    > I think what Mikael's concern was (and he'll pipe up if I'm wrong, I'm 
    > sure) is that folks looking at the vuln. note will see "IPFilter- Not 
    > vulnerable." and stop there, rather than looking for a Net- or Free- 
    > entry.  "Check the specific OS line, or your version number, or upgrade." 
    > Might be more helpful too.
    
    Well, what other conclusion do you arrive at when you've spent several
    days testing and failed to make the problem happen?
    
    That said, my feedback mentioned quite specifically that ipfilter was
    not vulnerable to *that* exploit, i.e. the one we received from CERT,
    written by Mikael, and that it may be vulnerable to others (I have
    not seen all the others, so I can't be sure either way.)
    
    Unfortunately the people behind security-officer for NetBSD have been
    next to useless in this case and if you asked me, their largesse in
    this case would be a good excuse to give them all the ass (it's not
    a fun job, either.)  FreeBSD has not been much better.
    
    What compounds my annoyance about all this is the lack of information
    available to me, at the time.  To me the notes looked like someone had
    specifically developed an ftp daemon to tickle the problem and if that
    is what it took, I was just simply not interested.
    
    Darren
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizardsat_private
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    
    This archive was generated by hypermail 2b30 : Sat Oct 12 2002 - 05:48:10 PDT