Problem with Raptor Firewall
Results 1 to 3 of 3

Thread: Problem with Raptor Firewall

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542

    Problem with Raptor Firewall

    Raptor Firewalls use very predictable Initial Sequence Numbers. This makes it easier to spoof connections. This weakness can be used by an attacker to make a spoofed connection to the remote host. It is known that the Raptor Firewall is vulnerable, others may have the same problem. this problem is discovered by Ubizen (a leading Belgian software house)

    Symantec has made a support page to describe this problem and offer a solution. Other Firewalls may also be vulnerable. Those users need to check for a patch for their product.


    Components Affected source:http://www.symantec.com/techsupp/bul...2firewall.html

    Raptor Firewall 6.5 (Windows NT)
    Raptor Firewall V6.5.3 (Solaris)
    Symantec Enterprise Firewall 6.5.2 (Windows 2000 and NT)
    Symantec Enterprise Firewall V7.0 (Solaris)
    Symantec Enterprise Firewall 7.0 (Windows 2000 and NT)
    VelociRaptor Model 500/700/1000
    VelociRaptor Model 1100/1200/1300
    Symantec Gateway Security 5110/5200/5300


    solution for symantec products: read the info at http://www.symantec.com/techsupp/bul...2firewall.html and install the tcp hotfix (http://www.symantec.com/techsupp)

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    thanks victor! thats an interesting script they use. can't wait 'till monday to get to work and play with it. of course i could go in today and.....nah!
    have you tried it?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  3. #3
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542

    Nope

    have you tried it?
    Tedob1 do you mean: did you spoof a connection using that vulnerability?
    hmmm []
    to solve the prob you can apply the patches available from symantec.
    http://www.symantec.com/techsupp/enterprise/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •