On September 4th, a message was posted to Bugtraq  (and cross posted to
firewalls)describing a potential problem with the WatchGuard Firebox default
configuration file. The poster,
Sr. Alfonso Lazaro stated that, by default, the WatchGuard Firebox allowed
ping traffic from any interface to any interface. When the WatchGuard Rapid
Response Team saw the post, we began trying both to contact Sr. Lazaro and
to verify his observations. We reviewed our source code and currently
shipping versions of the default configuration file as well as code and
files several generations back. To date, we have been unsuccessful
contacting Sr. Lazaro. We completed our review of the relevant files and
code and were unable to locate anything to support the observations
Sr.Lazaro described in his post. In the absence of any further information
from Sr. Lazaro, we believe that his report of a vulnerability in Firebox
default configuration files is in error.


Steve Fallin
Senior Network Security Analyst
Rapid Response Team
WatchGuard Technologies
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to