Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] HTTP Proxy Security Hole!!!

To: [email protected]
Subject: Re: [FW-1] HTTP Proxy Security Hole!!!
From: Amin Tora <[email protected]>
Date: Tue, 19 Feb 2002 11:21:39 -0500
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Interesting... I haven't tried this yet - but from what you are saying it
seems more of a "configuration" issue rather than a security hole needing a
patch.

What did your rulebase look like when you did this test.  Provide us more
details...    :)


Amin Tora, CISSP
Director, Secure+
ePlus Technology Inc.
http://security.eplus.com

**NOTICE**
------------------------------------------
This message may contain confidential and/or proprietary information, and is
intended only for the person / entity to whom it was originally destined.
The use of this information and unauthorized access to this information for
any other means is strictly prohibited.  The content of this message may
also contain private views and opinions that do not constitute a formal
disclosure or commitment unless specifically stated. If you have received
this message in error or you are not the intended recepient(s), please
notify the sender and delete the email from your computer(s).
------------------------------------------



> -----Original Message-----
> From: Snyder, Ryan [mailto:[email protected]]
> Sent: Monday, February 18, 2002 7:20 PM
> To: [email protected]
> Subject: [FW-1] HTTP Proxy Security Hole!!!
>
>
> Try this on your firewall if you are running HTTP Proxy!
> Checkpoint has yet
> to release a fix.
>
> Step one: telnet to a machine behind the checkpoint firewall
> on port 80
>         (it can be a fake machine that doesn't exist, as long
> as the name
> resolves)
>
> Step two: Type the following:
> >CONNECT mailserver.somecompany.com:25 / HTTP/1.0
> >User-Agent: eeep
> >Cache-Control: private,no-cache
> >Pragma: no-cache
> >
>
> Step three: wait a moment for your SMTP banner to pop up.
>
> You can then send SPAM email, and it looks like it came from
> your firewall.
> I also found out that one can telnet to machines on a network that are
> protected by the Firewall.
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] Redundant firewalls without fancy software?
Next by Date: [FW-1] Software Distribution Server
Previous by thread: Re: [FW-1] HTTP Proxy Security Hole!!!
Next by thread: [FW-1] IP Address Spoofing
Index(es):
- Date
- Thread