Kevin Poulsen, SecurityFocus 2000-05-22
Censorware gaffe turns "World's Most Secure Firewall" into an open door.
The key is not "quick response"
2000-05-22
Anonymous (1 replies)
Quick Response is a 'MUST'
2000-05-22
Anonymous (2 replies)
Coming from an organization that has a great deal of experience with numerous firewalls including: Gauntlet, Sidewinder, Cyberguard, Raptor, Checkpoint, etc, I will agree with you that there are 'stronger' firewalls. Sidewinder is an extremely secure product because of its type enforcement. Unfortu...
Quick Response is a 'MUST'
2000-05-24
Anonymous
While I agree that qriam, and vendors should be given high
marks for rapid turnaround when security issues are found,
the original comment is also correct. Anyone who writes a daemon that STILL has a buffer overflow problem should be shot. Well... should seriously consider getting another job. ...
This is HUGE
2000-05-22
Anonymous
With root access to the firewall a hacker could run your network without leaving a trail! The hardest part about getting on someone's network is finding a way through the firewall. With this exploit all you need to do is set up camp and go at it. If you kept things simple the admin would never have...
Security in depth is a good policy
2000-05-23
Anonymous (1 replies)
There is more to making a network and its hosts secure than a "Firewall". These products are gateways in reality, the Firewall is the security filter in its entirety. This includes the routers and switches and internal proxy servers as well as any mail forwarders. There is more to a "Firewall" than ...
Security in depth is a good policy
2000-05-24
Anonymous
"These problems are an annoyance rather than a security compromise if the network is configured correctly in the first place."
Are you kidding? You think a firewall being hacked with a buffer overflow is an annoyance rather than a security compromise? Please explain what a security compromise i...
Karma and Security Product Marketing
2000-05-24
Anonymous
Whenever some marketing dweebs use phrases like "most secure," "best security product," and such, they are just asking for a media fiasco. While it _might_ be technically possible to have the most secure or best product for a moment, but technology, vulnerabilities and classic end user configuration capab...
I had problems preventing stuff listening on external interfaces
2000-05-24
Anonymous
I've had problems with Gauntlet's packet filters.
OK so that's not their strong point. But then unfortunately ANY stuff running on the firewall tends to be bound to most ports, no filtering whatsoever- e.g. Xserver, apps etc. I tried to stop that, but I could not figure out how to get their packet ...
The scary thing...
2000-05-26
Anonymous
... is that the overflow was created by NAI engineers.
These are the guys that are supposed to know how to
produce secure code. These are the guys that are
supposed to create code that can be easily audited.
These are the guys that are expected to audit their
own code before releasing it.
...
Simplicity
2000-05-29
Anonymous
Many years ago I was responsible for the selection of Gauntlet as our corporate firewall solution. The basis for my selection was some previous experience with the TIS FWTK (Firewall Toolkit), TIS's philosophy of opening the source code to the security community for public scrutiny, but more than anyth...