Hacker 'Handshake' Hole Found In Common Firewalls

Wednesday Apr 13th 2011 by Datamation.com Staff

Cisco, Fortinet, Juniper, Palo Alto Networks and SonicWall appliances prove vulnerable to the TCP Split Handshake Attack.

NetworkWorld: After conducting extensive testing, NSS Labs has concluded that many popular network firewalls are vulnerable to the TCP Split Handshake Attack. This type of attack tricks the firewall into believing that the hacker is coming from an internal, trusted connection. "If the firewall thinks you're inside, the security policy it applies to you is an internal one, and you can run a scan to see where machines are," explained Rick Moy, president of NSS Labs.

NSS Labs tested the Check Point Power-1 11065, the Cisco ASA 5585-40, the Fortinet Fortigate 3950, the Juniper SRX 5800, the Palo Alto Networks PA-4020, and the SonicWall NSA E8500. Of the six firewalls, only the Check Point product was able to resist the attack.
