Message-ID: <Pine.LNX.4.64.0604152203050.10189@shalla.de>
Date: Sat, 15 Apr 2006 22:23:48 +0200 (CEST)
From: Christine Kronberg <seeker@...lla.de>
To: 3APA3A <3APA3A@...URITY.NNOV.RU>
Cc: bugtraq@...urityfocus.com
Subject: Re[3]: Bypassing ISA Server 2004 with IPv6
Dear 3APA3A,
> Microsoft ISA Server can't filter events from Microsoft Mouse, but
Apples and peas?
> Microsoft Mouse can be bound to a computer. It's a security risk, but I know
> how to secure a mouse without ISA and I accept this risk.
Nice, that you do. If I manage by any means to see remotely
that you have attached a mouse to your ISA and to (ab)use it,
I'm much better than I thought - and you have much bigger problems
than you thought.
The nice thing about ICMP is that I do not require much knowledge
to get information remotely. The same is true with IPv6. Unless something
in between stops me. Which brings us back to the topic: a firewall
allowing too much.
> IPv6 cannot be filtered by ISA, but it still can be filtered by
> different tools, or by its own means, as IPv6 supports network-level
> security. Unlike IPv4, IPv6 supports authentication, integrity checking
> and encryption natively. See ipsec6.exe and descriptions for Security
> Association Database and Security Policy Database.
So you state that it is perfectly well for a firewall to allow
any traffic through. Per default? And that this firewall does not
need to have the interface to configure what traffic is allowed?
I disagree.
If a firewall supports a protocol, that same firewall should also
provide the proper means and interface to configure it. And not blow
holes in networks.
Cheers,
Christine Kronberg.