IIS 3.0. This was several years ago, so my memory is a bit foggy. When an
authentication happened, if the single packet didn't have both the id and
the password, authentication would fail. When I traced the traffic, I saw
that the TIS broke the packet into two packets. I also saw two responses
from the remote site, an "authentication failure" and then "invalid
operation". When I wrote a program to send only the first packet, the
authentication failure came back. This is a first year network programming
mistake, assuming that a read will read all the data you sent with the same
packet boundaries. Microsoft's response: it works without the firewall, and
you don't really need firewalls, so get rid of it.
-----Original Message-----
From: Frederick M Avolio [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 08, 2000 2:33 PM
To: Ng, Kenneth (US); 'mouss'; 'Kathy'; [EMAIL PROTECTED]
Subject: RE: More info on NAI & McAfee website hacked.
At 12:58 PM 12/8/00 -0500, Ng, Kenneth (US) wrote:
>The vendor product assumed that a response would
>come back in one packet. Well the TIS broke it into two TCP packets,
>perfectly legal, but it broke the vendor product.
:-) Must have been a Check Point ("all the important stuff is on packet
boundaries, isn't it?") Firewall-1.
f
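The mistake described in this thread, shown as an added example that is not part of the original messages: a server that treats one read as one request fails as soon as a proxy re-segments the stream, while a server that reads until the message is complete does not. The `USER`/`PASS` wire format, the credentials and all function names are assumptions made for illustration.

```python
import socket
import threading

# Constructed sample request. The "USER ...\r\nPASS ...\r\n" wire format is an
# assumption for illustration; the thread does not give the real protocol.
REQUEST = b"USER alice\r\nPASS s3cret\r\n"
SPLIT_AT = REQUEST.index(b"PASS")  # the proxy re-segments the stream here


def parse_login(data):
    """Return (user, password) once both CRLF-terminated lines are present."""
    lines = data.split(b"\r\n")
    if len(lines) < 3:
        return None
    if not (lines[0].startswith(b"USER ") and lines[1].startswith(b"PASS ")):
        return None
    return lines[0][5:].decode(), lines[1][5:].decode()


def naive_read(conn):
    """The bug: treats a single recv() as the whole request."""
    return parse_login(conn.recv(4096))


def framed_read(conn, max_len=1024):
    """The fix: keep reading until the message itself says it is complete."""
    buf = b""
    while buf.count(b"\r\n") < 2:
        chunk = conn.recv(4096)
        if not chunk or len(buf) + len(chunk) > max_len:
            return None  # peer closed early, or the request is oversized
        buf += chunk
    return parse_login(buf)


def deliver_in_two_segments(reader):
    """Feed REQUEST to `reader` as two separate writes on a stream socket."""
    client, server = socket.socketpair()
    result = []
    client.sendall(REQUEST[:SPLIT_AT])       # first segment: id only
    t = threading.Thread(target=lambda: result.append(reader(server)))
    t.start()
    t.join(timeout=0.2)                      # only segment one is readable so far
    client.sendall(REQUEST[SPLIT_AT:])       # second segment: password
    t.join()
    client.close()
    server.close()
    return result[0]
```

`deliver_in_two_segments(naive_read)` returns `None` (the authentication failure seen in the trace), while `deliver_in_two_segments(framed_read)` returns the full credential pair.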