Comment on what? He gives almost nothing to go on. The least I would expect is an outline.
Are you telling me that vagueness is considered acceptable? Honestly, I am not convinced. I have seen countless issues fly by, but rarely did anyone say something without providing details. The foundation of this users group is to help each other. His email offers no help or even insight into the problem. He does not even provide a method of verifying the problem. What if this is a real threat, do you want to wait until GTA has time to confirm it (without any real direction to start from) before considering options? All the while knowing you have a potential time bomb sitting at the gate. I say - NO. I rarely speak out like this - But this is wrong. Please don't play games with everyone's careers by keeping secret what could prove a major security threat. Now if he has already informed GTA how to reproduce the problem, GREAT - Tell us that so we don't sit by breathlessly waiting for the other shoe to drop. I apologize for the "tone" of this and the last email. Perhaps it's because I have not had ANY coffee yet. Perhaps, it's out of frustration. Or both... In either case, it is not my intent to belittle, insult or offend any of you -especially Andrew, the person that sent the first email on this issue. I am simply trying to make very clear what we are risking by not being open and informing the group of details. Personally, I will try to help anyone that wants it, expecting they will do the same some day for someone else (good deed deserves another and all). I shall say no more on this matter and wait for the group's response(s). Regards and apologies to all, Danny -----Original Message----- From: Michael O'Quinn [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 26, 2002 9:33 AM To: Gnat Box Users list Subject: RE: [gb-users] Any ideas who I would contact at GTA with regards to a possible way to crash a GNATBox fire wall? Actually, This is a potential security issue, and it is usually considered appropriate to give the vendor a chance to at least comment on it before releaseing the details. On Thu, 26 Sep 2002, Cox, Danny H. wrote: > That's nice. > > It is probably by flooding the DMZ NIC - an old hack trick. > > Try inserting a RAF (Remote Access Filter) that denies all protocols > from directly accessing the DMZ NIC. > > FYI: Bad manners to claim you know something but "won't say until > someone fixes it". It also sounds very childish. > > Have a good day, > > Danny > > -----Original Message----- > From: Andrew Batson [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, September 25, 2002 7:54 PM > To: [EMAIL PROTECTED] > Subject: [gb-users] Any ideas who I would contact at GTA with regards to > a possible way to crash a GNATBox fire wall? > > Hello All, > I found a possible way to crash the GNAT firewall (gives me a kernel > fault) every time in the GNATBox light version 3.3.0. Note, when I do > the same process using GNATBox version 3.2.5, it does not crash at all. > > I not 100% sure why this sis happening, only that it is. I have compared > the configuration information for both 3.2.5 and 3.3.0 are the same. > Also, it is running on the same hardware. So far this evening, every > time I do this process when using the GNATbox version 3.3.0, it crash > but not once has it crash under 3.2.5. > > Will not say how I crash the GNAT firewall until GAT personnel can > explain/fix the problem - if it is a problem. They may even be aware of > it already not sure? > > Thanks, > Andrew AKA "Dyslextic" > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
