[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] FW: CERT Advisory CA-2001-17
The firewall itself is NOT vulnerable to RDP attacks (yet). The reason for the Advisory is that the firewall lets through ANY RDP traffic through to Any host Any where by default, and perhaps the supposedly protected network has hosts on it that run RDP and are vulnerable to various attacks. Also, if you leave things default, implied rules aren't logged so you wouldn't know about it. Tim ----- Original Message ----- From: <[email protected]> To: <[email protected]> Cc: <"'[email protected]'"@zentric.com> Sent: Wednesday, July 11, 2001 10:41 AM Subject: RE: [FW1] FW: CERT Advisory CA-2001-17 > > > George, > > after reading the advisory, there's one question I have: If the FW is > configured not to listen on the ports in question (eg. as verified by > nmap), is it still susceptible to this vulnerability? > > I want to be certain, before I start bothering our customers... > > Thanks > Cheers > Ralf > > z+z+z+z+z++z++z+z+z+++z+z++z++z+++z+++z+++z++z+z+z+z++z > Ralf Guenthner, Senior IT Security Consultant > Zentric GmbH & Co. KG - IT Security & Groupware Solutions > Office Phone: +49-6101-556060 > Fax: +49-6101-556065 > mailto:[email protected] > http://www.zentric.com > +z+z+z+z+z++z++z+z+z+++z+z++z++z+++z+++z+++z++z+z+z+z++z > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|