From: InfoSec News (isnc4i.org)
Date: Mon Oct 01 2001 - 05:13:59 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Patrick Oonk <patrickpine.nl>

On Sun, Sep 30, 2001 at 05:23:22AM -0500, InfoSec News wrote:
> Forwarded from: Tim Slighter <timslighterhome.com>
>
> I read that story and I would like to have the glorious opportunity of
> confronting the "so-called" hackers to find specifics on how exactly
> they managed to bypass perimeter defense. First off, what Financial
> Institution would be stupid enough to place DNS on the same server as
> the Firewall ? (especially if there was 50 Million of that guy's cash
> there), Secondly, even if they had done something so stupid as placing
> DNS on the Firewall, the only bypass vulnerability that Checkpoint
> Firewall-1 has been known to have is the PASV FTP where a one way
> connection could be exploited given very specific conditions.
> Assuming that they had gained access, then the initial claim that they
> had "hacked" the DNS server would indicate that access was gained via
> port 53 or a known exploit via DNS, this however, would not provide
> them with any known exploits by which to bypass the Firewall. The
> more I research this and the more I think about it, that story has
> more holes in it than Swiss Cheese. What a HOAX !!

Another thing someone pointed out at me: why would an Islamic bank in
Sudan use the Israeli product Checkpoint Firewall-1 ?

        Patrick

--
 patrick oonk - pine internet - patrickpine.nl - www.pine.nl/~patrick
 T:+31-70-3111010 - F:+31-70-3111011 - Read news at http://security.nl
 PGPID 155C3934 fp DD29 1787 8F49 51B8 4FDF 2F64 A65C 42AE 155C 3934
 Excuse of the day: We've picked COBOL as the language of
 choice.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]