Hi David,

The firewalls are not configured to confuse the scanner. The configurations
have been checked by the Checkpoint Tech Support and the Checkpoint SMEs
from our team. This is not a mis-configuration issue and SYNdefender is
disabled.

Regards,
Sanjay Naik, CISSP
Sr. Security Consultant

----Original Message Follows----
From: David Henning <dhenning (at) hns (dot) com [email concealed]>
To: "Pawel Worach" <pawel.worach (at) gmail (dot) com [email concealed]>
CC: bugtraq (at) securityfocus (dot) com [email concealed], sanjaynaik (at) ieee (dot) org [email concealed]
Subject: Re: Checkpoint SYN DoS Vulnerability
Date: Tue, 16 May 2006 17:00:03 -0400

Souds to me like the firewall is configured to confuse scanners on
purpose. If the performance really does degrad to DoS levels then this is
more likely a mis-configuration of one of their add-ons, not an actual
bug. Have the settings for their IPS and SYN-Defender been checked
carefully?

David Henning, CISSP
Principal Security Analyst
Hughes Network Systems
x5533

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

[ reply ]