On September 4th, a message was posted to Bugtraq (and cross posted to firewalls)describing a potential problem with the WatchGuard Firebox default configuration file. The poster, Sr. Alfonso Lazaro stated that, by default, the WatchGuard Firebox allowed ping traffic from any interface to any interface. When the WatchGuard Rapid Response Team saw the post, we began trying both to contact Sr. Lazaro and to verify his observations. We reviewed our source code and currently shipping versions of the default configuration file as well as code and files several generations back. To date, we have been unsuccessful contacting Sr. Lazaro. We completed our review of the relevant files and code and were unable to locate anything to support the observations Sr.Lazaro described in his post. In the absence of any further information from Sr. Lazaro, we believe that his report of a vulnerability in Firebox default configuration files is in error. Steve Fallin Senior Network Security Analyst Rapid Response Team WatchGuard Technologies - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
