FIREWALLSUPPORT.COM
Firewall Support
FirewallSupport.com is an online support service specifically focused on firewall security. Here you'll find the information you need to manage your company's firewall infrastructure and qualified expertise to design and implement security solutions.
Security Advisories
April 6, 2016: Siemens SCALANCE S613 / Risk: Medium
Denial of Service vulnerability
A vulnerability in the SCALANCE S613 firewall could allow unauthenticated remote attackers to cause a denial-of-service of the integrated web server of affected devices, sending legitimate messages to port 443/tcp. A manual reboot is required to recover the web server of the device.
Advisories: CVE-2016-3963
Patches/Solutions: Contact Siemens customer support
Additional info: siemens_security_advisory_ssa-751155.pdf
Oct 8, 2015: Juniper Netscreen Firewall / Risk: Medium
Denial of Service vulnerability
A vulnerability in ScreenOS L2TP packet processing may allow a remote network based attacker to cause a denial of service condition on ScreenOS devices by sending a crafted L2TP packet. On ScreenOS 6.3.0 this issue can be mitigated by not configuring L2TP settings.
Advisories: CVE-2015-7750
Patches/Solutions: Solved in ScreenOS 6.3.0r21, and subsequent rel.
Additional info: Juniper's 2015-10 Security Bulletin
Oct 8, 2015: Juniper vSRX virtual firewall / Risk: High
Denial of Service vulnerability
The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service via an unspecified connection request to the vSRX host-OS. As a workaround Juniper suggest to limit the exploitable attack surface by implementing access lists or firewall filters from trusted, administrative networks or hosts.
Advisories: CVE-2015-7749
Patches/Solutions: Solved in OS 15.1X49-D20 and subsequent rel.
Additional info: Juniper's 2015-10 Security Bulletin
Common Questions about Firewalls
The article focuses on typical firewall security issues. This is not a technical faq for firewall engineers but a collection of questions frequently asked by those who aren't firewall specialist but are responsible for taking purchasing and implementation decisions that deeply affect security.
Most of the information available on site is focused on main firewall vendors and products such as Check Point Firewall-1 (and Next Generation), VPN-1, Cisco PIX, Nokia Crypto Cluster, Raptor Firewall, NAI Gauntlet, Nokia IPSO Firewall, SunScreen, Watchguard, Microsoft ISA Server, Lucent Managed Firewall and others.
Firewall Monitoring
Resources about Firewall Monitoring and Alerting are also included, in particular Log Analysis, Suspicious Activity Monitoring and Intrusion Detection. Firewall Clustering, Stateful Failover, VPN Failover and other High Availability issues are enclosed in the FAQ section.
"Common Questions about Firewalls" The article focuses on typical firewall security issues.
You are reading this summary because it appears your browser is not HTML 4.0 compliant.
You need to upgrade it to be able to access this site.
Google Chrome
Mozilla Firefox
Microsoft Internet Explorer (worst choice)
Copyright © 2001-2020 FirewalSupport.com