Security Hole found in NAI Firewall

Security Hole found in NAI Firewall
Kevin Poulsen, SecurityFocus 2000-05-22

Censorware gaffe turns "World's Most Secure Firewall" into an open door.

Expand all | Post comment

The key is not "quick response" 2000-05-22
Anonymous (1 replies)

Quick Response is a 'MUST' 2000-05-22
Anonymous (2 replies)

Quick Response is a 'MUST' 2000-05-24
Anonymous

Quick Response is a 'MUST' 2000-05-26
Anonymous

This is HUGE 2000-05-22
Anonymous

NAI and Gauntlet 2000-05-23
Anonymous

Security in depth is a good policy 2000-05-23
Anonymous (1 replies)

Security in depth is a good policy 2000-05-24
Anonymous

Karma and Security Product Marketing 2000-05-24
Anonymous

I had problems preventing stuff listening on external interfaces 2000-05-24
Anonymous

I've had problems with Gauntlet's packet filters.

OK so that's not their strong point. But then unfortunately ANY stuff running on the firewall tends to be bound to most ports, no filtering whatsoever- e.g. Xserver, apps etc. I tried to stop that, but I could not figure out how to get their packet filters to work properly.

I've had better experiences with Cyberguard securitywise, (installationwise cyberguard is terrible :) ) - on Cyberguard, everything is _really_ denied by default. You can't even make outbound connections unless the filters allow you AND you are in the correct level, even if you are root. You must switch to the network level first.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/40/2014#2014

No comment! 2000-05-24
Anonymous

The scary thing... 2000-05-26
Anonymous

Simplicity 2000-05-29
Anonymous