Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Scanner found Firewall-1 S/Key Authentication Vulnerabi lity

To: "'Allan Pratt'" <[email protected]>, [email protected]
Subject: RE: [FW1] Scanner found Firewall-1 S/Key Authentication Vulnerabi lity
From: Amin Tora <[email protected]>
Date: Tue, 6 Feb 2001 13:45:39 -0500
Sender: [email protected]


The vulnerability was discovered in July and presented during the BlackHat
briefings...

If you are running 4.0 you need to patch to what the latest patch is (SP8;
although, if I remember correctly, SP7 addresses the vulnerability).  

4.1 (cp2000) has SP3 as the latest patch (SP2 addresses the vulnerability).

You can get this from http://www.checkpoint.com/download

You need to have Software Subscription to download patches... When you get
Software Subscription, and register, they will give you a u/l for the site.


Amin Tora
ePlus Technology
http://www.eplus.com
NASDAQ: PLUS



-----Original Message-----
From: Allan Pratt [mailto:[email protected]]
Sent: Tuesday, February 06, 2001 9:30 AM
To: [email protected]
Subject: [FW1] Scanner found Firewall-1 S/Key Authentication
Vulnerability 



Hi,

I ran a scan on our FW-1 and it found the following:

Scanner found Firewall-1 S/Key Authentication Vulnerability

Description:
In some versions of FireWall-1, the implementation of S/Key authentication 
uses a poor source of entropy in regeneration  of chains, and is therefore 
susceptible to a simple brute  force attack.

Weak or easily bypassed authentication mechanisms could  provide attackers 
with a simple avenue of approach to  penetrate your network and mount 
further attacks against  internal systems.

Suggestion:
Checkpoint has produced a patch to address this issue. If  your firewall is 
found to be vulnerable to this check, you  should upgrade to the latest 
version immediately.

Where is this patch?  I could not find it?

Any one have anything to add about this issue?

Thanks!

/ap


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Pros and Cons of IP440 vs Solaris Checkpoint
Next by Date: [FW1] FW- 1 CP 2000 using HTTPS
Previous by thread: [FW1] Fw: Where to get docs for Check Point FW
Next by thread: [FW1] FW- 1 CP 2000 using HTTPS
Index(es):
- Date
- Thread