I've just posted a paper that might interest the firewall community. Know Your Enemy: A Forensics Analysis. The paper covers step by step a named/DNS exploit which happened three weeks ago. This paper is an excellent example of why no additional services should run on a firewall. I often see DNS ran on FW-1 firewalls and cringe at the risk the site is taking. You can find this paper at: http://www.enteract.com/~lspitz/forensics Hope this helps :) Lance Spitzner http://www.enteract.com/~lspitz/papers.html ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
