On Tue, 31 Aug 1999, Lisa Lorenzin wrote:
> This is really a followup to Spiff's note on NT 4.0's TCP sequencing
> vulnerability... I ran across the same article and checked with our
> firewall vendor (one of the major firewalls) to see what level of exposure
> this would cause us. (And our customers - we're a VAR for that particular
> firewall...) Got the following reply, which I've sanitized -
The easiest way to elminate this problem is to force all TCP sessions
to traverse an application-level firewall (e.g. SOCKS) running on an
operating system that doesn't have the problem. This would mean that
your software would have to support, and be informed of, a proxy
server.
Bob
======================================
Bob Friesenhahn
[EMAIL PROTECTED]
http://www.simplesystems.org/users/bfriesen
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
