Testing firm finds network firewall failures, vulnerabilities

Three out of six firewalls failed to remain operational when subjected to NSS Labs’ stability tests. Moy called the firewall failures alarming. All of the firewalls tested had ICSA Labs and Common Criteria certifications, he said.

“In addition to a denial-of-service, it could potentially open up a hole and allow an attacker to get in,” Moy said. “One of the firewalls – when it crashed – gave the attacker inside root access without requiring password to the firewall.”

Five out of six vendors failed to correctly handle a TCP Split Handshake, or Sneak ACK, attack. The attack is similar to IP spoofing. The technique is well known in the hacking community and enables an attacker to bypass a firewall while rarely being detected.

via Testing firm finds network firewall failures, vulnerabilities.
