On 5/31/07, Family Heritage Books <[EMAIL PROTECTED]> wrote: > Recently I ran across an article in eweek > http://www.eweek.com/article2/0,1895,2130397,00.asp?kc=EWKNLEDP051607B > basically saying that there is a serious security hole affecting > virtually every major firewall and intrusion prevention system available. > It seems to involve a network evasion technique that uses full-width and > half-width unicode characters to allow malware to evade detection by an > IPS or firewall. > > Does anyone know if this is an issue that affects Shorewall.
The article sounds to me like it does not even affect firewalls at all: "The vulnerability concerns HTTP content-scanning systems", which is something like snort, not shorewall. The article probably just is a bit too much mainstream / not-technical, and thus puts in "firewall", because that's what people associate with defenses from internet threads. ~David ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
