> IIS lockdown tool. This is kind of like the telnet exploit that you tried to
> pass off as a VLAN issue isn't it?
>

as others mentioned there in that switches/VLAN thread, if the switch can
be compromised, then yer VLANs are worth squat. Or are you reading
replies selectively?

> > > --17 August 2001 Patch Available for ISA Server 2000 Flaws
> > > Microsoft has issued a patch to repair three holes in its Internet
> > > Security and Acceleration (ISA) Server 2000. Two of the flaws are
> > > memory leaks: one in the voice-over-IP capability, and one in the
> > > proxy service that could lead to denial of service. The third is an
> > > error message-handling problem that could allow attackers to execute
> > > malicious code and use cookies on the affected machines.
> > >
> > http://computerworld.com/nlt/1%2C3590%2CNAV65-663_STO63199_NLTSEC%2C00.html
>
> My bad, although this causes the box to fail closed, and is not on by
> default according to the guy I talked to.
>

Three flaws though, in the one patch, old, patched, but, does discredit
the statement that there have been *no* problems reported with their
product. One has to take into account the history of the company, which
has only recently taken to refocusing itself upon security being primary
over toys and trinkets. Now folks are watching to see how much of a
refocusing is really implemented. some are even demanding this be
effective:

Air Force CIO Wants Better Security In Microsoft Products
http://www.usatoday.com/life/cyber/tech/2002/03/11/gilligan.htm

> >
> > From: SecureXpert DIRECT Bulletin Service <[EMAIL PROTECTED]>
> > Subject: [SX-20010320-2] - Microsoft ISA Server Denial of Service
> > Date: Mon, 16 Apr 2001 11:47:59 -0400
> > To: [EMAIL PROTECTED]
> >
> > FSC Internet Corp. / SecureXpert Labs Advisory [SX-20010320-2]
> >
> > Denial of Service in Microsoft ISA server v1.0
> >
> <snip>
>
> Seems to be the same as above, fixed in the same patch.
>
> >
> > That's an awfully aggressive statement considering the above.
> >
>
> Nah, I don't see it much different than the M$ crap that is so prevalent on
> this list, or the "ISA isn't a real firewall" bullshit.
>

History, that's the key though. It's kinda like a kid that screws up
badly in life, and then decides to go 'right' and be a decent little
fellow, and does not understand why folks still look at him skeptically
and question his commitments when he slides off the beaten path, he has
developed a history, and it can take a long time to overcome such
things...

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D. Just don't touch anything.

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
