lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050603180807.GA7143@sophic.org>
Date: Fri, 3 Jun 2005 14:08:07 -0400
From: Derek Martin <code@...zashack.org>
To: bugtraq@...urityfocus.com
Subject: Re: Backdoor in FortinetĀ“s firewall Fortigate

On Thu, Jun 02, 2005 at 12:28:53PM -0700, Michael J McCafferty wrote:
> 
> This is a documented feature of the FortiGate and FortiLog devices.
> You must have a local serial connection. So, this is not remotely
> exploitble. If someone has physical access to your firewall to make
> a serial connection, then you have plenty of other problems too.

While this is definitely so, in the real world we do not always have
complete control over who has physical access to our devices.  We may,
for example, have co-located devices in a facility managed by some
other entity.

Some PC manufacturers have a jumper on the motherboard which can be
used to reset BIOS passwords/defaults, which requires that the machine
be taken out of service in order to be reset (or tampered with).  I
think this is a much better model for device recovery than a default
password on a console login...  We are probably a lot more likely to
notice our firewall being taken out of service than we are to notice
someone tampering with the console...

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ