I think I know the answer to this but I just wanted to get a straw Poll type opinion from you guys. Recently, whilst performing a Penetration Test I developed a Java script which, with the use of some tools, disables a well known personal firewall. This personal firewall was designed as is used so that the company can centrally control what Hosts and Networks a user can access via the use of profiles. Can you see what it is yet? Anyway, would you guys consider the ability to disable the firewall remotely a vulnerability or does it fall simply in the arena of technique in the use of already existing tools and vulnerabilities? Cheers,Liam.
This archive was generated by hypermail 2b30 : Tue Jul 16 2002 - 09:51:38 PDT