Firewalls: firewall-1's problem

Firewalls
(November 1996)

Indexed By Thread: [Previous] [Next]

Subject:	firewall-1's problem
From:	"Vos, Arjan" <Vos . Arjan @ kpmg . nl>
Date:	Fri, 8 Nov 1996 12:08:34 +0100
To:	"'firewalls @ GreatCircle . COM'" <firewalls @ GreatCircle . COM>

Hi all,

In testing a Soltice's firewall-1 (release 2) I found the following:

The firewall's filter rules block all inbound traffic, inculding ICMP
packets. However, when pinging the firewall with ping -l 70000,
firewall-1's GUI somehow seemed to crash as well as all the filter
rules. 

At the same time with pinging I was able to telnet to the firewall and
thus bypass the filter rules (which seem to be crashed with the GUI).
After several minutes the GUI came back to life as well as the filter
rules, but it was to late by then!!!

More tests seem to reveal there's a problem with the logging facilities
of FW-1. It was so busy logging the ping, it "forgot" to do anything
else.....:-))

Can somebody help me out on this one? Has anybody encoutered the same
thing happening? Is it a problem with FW-1's use of syslog or is it a
bug???

Thanks in advance,

Arjan Vos
KPMG EDP Auditors
avos @
 kpmg .
 nl

Follow-Ups:

What are the most important corporate networking needs?
From: "Mark Riggins" <mark @ internetstartup . com>
Re: firewall-1's problem
From: sedayao @ argus . intel . com (Jeffrey C. Sedayao)

Indexed By Date	Previous:	Re: NCSA certification for FWTK From: "massimo.cotrozzi" <massimo . cotrozzi @ ArthurAndersen . com>
Indexed By Date	Next:	Re: NCSA certification for FWTK From: "massimo.cotrozzi" <massimo . cotrozzi @ ArthurAndersen . com>
Indexed By Thread	Previous:	3COM Firewall Proxy force? From: Gary Warner <glwarner @ samford . edu>
Indexed By Thread	Next:	Re: firewall-1's problem From: sedayao @ argus . intel . com (Jeffrey C. Sedayao)