RE: [FW1] Possible NT IpForwarding Security Issue.
No. FireWall-1 has two parts: a device driver component and user-level processes. When you type fwstop (or do an "fw unload"), what happens is that the security policy is unloaded and IP Forwarding is disabled. On Unix, it is done automatically by disabling it in the TCP/IP stack directly (AIX being the notable exception here). On Windows NT, the kernel driver (which sits between the TCP/IP stack and the NIC driver) prevents the forwarding of packets.

If the FireWall-1 processes terminate abnormally (as listed in Services or the fwd/fwm processes under Unix), the device driver is still allowing packets to flow through the firewall according to the security policy. However, logging and anything that otherwise relies on the security servers or the fwd/fwm processes will not function.

If the FireWall-1 Device Driver crashes, it should cause the entire system to crash.

-Sumit

-----Original Message-----
From: [email protected] [mailto:[email protected]]On Behalf Of [email protected]
Sent: Thursday, January 18, 2001 12:46 PM
To: [email protected]
Subject: [FW1] Possible NT IpForwarding Security Issue.

Hi,

One question has occupied us for the past day: If the Firewall service goes down or is stopped by mistake, Windows NT is still alive and IP forwarding is enabled, would the NT server route packets to the protected server in the internal network or in the DMZ?

Sylvain

================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================