Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Scanner found Firewall-1 S/Key Authentication Vulnerability

To: [email protected]
Subject: [FW1] Scanner found Firewall-1 S/Key Authentication Vulnerability
From: "Allan Pratt" <[email protected]>
Date: Tue, 06 Feb 2001 14:30:29
Sender: [email protected]

Hi,

I ran a scan on our FW-1 and it found the following:

Scanner found Firewall-1 S/Key Authentication Vulnerability

Description: In some versions of FireWall-1, the implementation of S/Key authentication uses a poor source of entropy in regeneration of chains, and is therefore susceptible to a simple brute force attack.

Weak or easily bypassed authentication mechanisms could provide attackers with a simple avenue of approach to penetrate your network and mount further attacks against internal systems.

Suggestion: Checkpoint has produced a patch to address this issue. If your firewall is found to be vulnerable to this check, you should upgrade to the latest version immediately.

Where is this patch? I could not find it?

Any one have anything to add about this issue?

Thanks!

/ap


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] GRE Decoding
Next by Date: RE: [FW1] Firewall-1 on Sun 220R, any problems?
Previous by thread: Re: [FW1] GRE Decoding
Next by thread: [FW1] Checkpoint dilemma (Route && ARP)
Index(es):
- Date
- Thread