what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

symantecWireless.txt

symantecWireless.txt
Posted Jun 10, 2004
Authored by Dev Null

The Symantec Gateway Security 360R fails to prohibit non-VPNed wireless connections when the directive to enforce tunnels is set.

tags | advisory
SHA-256 | 179a41248346521d57a670433db1db150c5b195e6cc51ed7be19c5c0cedcc1bd

symantecWireless.txt

Change Mirror Download
I think we have discovered a possible security flaw in the wireless security
routines for the SGS 360R.

While configuring Secure WLAN settings in the 360R we have discovered that
the "Enforce VPN Tunnels/Disallow IPSec pass thru" and "Enforce VPN
Tunnels/Allow IPSec pass thru" setting in both 2.1 build 300 and build 415
firmware do not appear to actually prohibit non-VPNed wireless connections
from reaching the internal LAN. According the documentation when using
either of the "Enforce VPN Tunnel" modes, only DNS, DHCP, and ARP traffic
are allowed to reach (we believe this also include ICMP, but its not
documented) the internal network without being encrypted by the VPN. We have
been able to send a wide variety of TCP/IP traffic (including ODBC and HTTP)
to the internal LAN over a connection that is suppose to allow only traffic
traveling inside a VPN.

We have confirmed this internally using a single SGS 360R with the Symantec
Wireless Access Point card and two Win2K laptops with WPC45G Linksys WiFi
cards.

This occurs whether or not WEP is being used.

Has anyone experienced this problem? Can anyone reproduce it?

We have reported the problem to Symantec and they are investigating.

thanks,

DN


Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close