Forwarded from: Patrick Oonk <patrick@pine.nl>
On Sun, Sep 30, 2001 at 05:23:22AM -0500, InfoSec News wrote:
> Forwarded from: Tim Slighter <timslighter@home.com>
>
> I read that story and I would like to have the glorious opportunity of
> confronting the "so-called" hackers to find specifics on how exactly
> they managed to bypass perimeter defense. First off, what Financial
> Institution would be stupid enough to place DNS on the same server as
> the Firewall ? (especially if there was 50 Million of that guy's cash
> there), Secondly, even if they had done something so stupid as placing
> DNS on the Firewall, the only bypass vulnerability that Checkpoint
> Firewall-1 has been known to have is the PASV FTP where a one way
> connection could be exploited given very specific conditions.
> Assuming that they had gained access, then the initial claim that they
> had "hacked" the DNS server would indicate that access was gained via
> port 53 or a known exploit via DNS, this however, would not provide
> them with any known exploits by which to bypass the Firewall. The
> more I research this and the more I think about it, that story has
> more holes in it than Swiss Cheese. What a HOAX !!
Another thing someone pointed out at me: why would an Islamic bank in
Sudan use the Israeli product Checkpoint Firewall-1 ?
Patrick
--
patrick oonk - pine internet - patrick@pine.nl - www.pine.nl/~patrick
T:+31-70-3111010 - F:+31-70-3111011 - Read news at http://security.nl
PGPID 155C3934 fp DD29 1787 8F49 51B8 4FDF 2F64 A65C 42AE 155C 3934
Excuse of the day: We've picked COBOL as the language of
choice.
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.
Received on Mon Oct 1 14:41 CDT 2001