Results 1 to 2 of 2

Thread: Kerio Personal Firewall 2.xx vulnerability

  1. #1
    Senior Member
    Join Date
    Jun 2002

    Kerio Personal Firewall 2.xx vulnerability

    Hi, ever since I discovered antionline I gave developed a increasing interest in security. More so now then before. Upon searching for vulnerabilities in my firewall (KPF) I found this site:


    It apears as if my firewall is vulnerable to a synflood atack. I have done all the tests avaiable at http://www.pcflank.com/ which includes:

    Steath test, advanced port scan test, exploits test, browser test and trojan test. I passed all tests except for the cookie test, as I still acept some cookies while blocking third party.

    After doing all those tests I felt comfterable with my security, untill I found http://ossr.phpwebhosting.com/module...article&sid=62

    I checked my version and I have version 2.1.4 so this is of concern to me. Does anyone know if this has been patched or how I can safely test my system with the synflood atack.

    The article says version 2.xx but I cant see them testing all sub versions. Is there some site I can go to to check if I am still vulnerable?
    In snatches, they learn something of the wisdom
    which is of good, and more of the mere knowledge which is of evil. But must I know what must not come, for I shale become those of knowledgedome. Peace~

  2. #2
    Senior Member
    Join Date
    Jan 2002

    Re: Kerio Personal Firewall 2.xx vulnerability

    Wiindows with latest security patch or hotfix alone can handle 300-500 syn packets from a single host.

    Taken from http://ossr.phpwebhosting.com/module...article&sid=62
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts