Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Alexie on December 13, 2000, 06:04:51 PM

Title: Firewall Penetrated..!!
Post by: Alexie on December 13, 2000, 06:04:51 PM

Hi All..

I have tested my Firewall with this small program.
Do we have a problem here.??

Firewall Penetrated!

LeakTest WAS ABLE to connect
to the GRC NanoProbe Server!

LeakTest was not prevented from connecting to the Gibson Research NanoProbe server. You either have no firewall, you have configured it to allow LeakTest to connect outbound, or LeakTest has just slipped past your firewall's "protection"!

http://grc.com/lt/leaktest.htm

Title: Not an issue (was RE: Firewall Penetrated..!!)
Post by: Gordon Rowell on December 13, 2000, 06:12:15 PM

Alexie wrote:

> Hi All..
>
> I have tested my Firewall with this small program. Do we have a
> problem here.??
> [...]

No, e-smith is configured for transparent _OUTBOUND_ connections for
most services.

Also, a public bulletin board is not the appropriate forum to discuss
security issues in the first instance. Mail should be sent to the vendor
(in this case e-smith) to allow determination of the problem, if one
exists - which it does not in the case.

If you believe there is a security problem with e-smith, send mail to:
   security@e-smith.com


If you have further information, please discuss it on the above alias.

Thanks,

Gordon

Title: RE: Firewall Penetrated..!!
Post by: Justin Funke on December 13, 2000, 06:13:44 PM

No problem, the e-smith server did exactly what it was supposed to do.

It is setup by default to allow outbound connections from your local network. From what I gather that is all leaktest is testing for. (kind of silly if you ask me)

The theory behind it is that any kind of "phone home" trojan or worm can be blocked from outbound connections by a firewall. There are several trivial ways around this anyways so I wouldn't worry too much about "leaktest"

Title: Firewall not penetrated (was RE: Firewall ...)
Post by: Charlie Brady on December 13, 2000, 06:14:51 PM

Alexie wrote:

> I have tested my Firewall with this small program. Do we have a
> problem here.??
>
> Firewall Penetrated!
>
> LeakTest WAS ABLE to connect to the GRC NanoProbe Server!

No, we don't have a problem. The e-smith server and gateway IP masquerade feature allows transparent outbound connections from your LAN to the Internet. Your LeakTest program was able to create an outbound connection, so we know that that feature works as intended.

Regards

Charlie

Title: RE: Firewall Penetrated..!!
Post by: NN on December 14, 2000, 12:57:49 AM

Some people feels realy exited when they think they are penetrating something!

Title: RE: Firewall Penetrated..!!
Post by: Alexie on December 14, 2000, 02:41:44 AM

Me, realy exited..No No..

I just like to know if there is a problem, that's all..