This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Duane_Toler
Advisor
a month ago
In response to HeikoAnkenbrand

I disagree.  What @HeikoAnkenbrand posted was good for us all.  We need to know how to test our systems so we can appropriately handle them.  This information was being withheld from us all before now and caused widespread grief for many who were never affected (no IPsec VPN, or no Remote Access VPN service enabled, or no RemoteAccess community configured).  Many of us were/are affected, but we need to know how severely so we can issue the appropriate response.

Check Point's own Python test script was inaccurate and insufficient

I didn't know before Heiko's post.  Several customers had chosen to delay their response because of the information we had before then.  Once we knew this was actually a directory traversal attack (significantly different than "weak VPN user passwords" as we were lead to believe), I escalated this to all my customers and got them mitigated or properly emergency updated.

Heiko did a good service and should be thanked. (Thank you, Heiko).

This information absolutely will help attackers, but we should all know security-through-obscurity is foolish, irresponsible, and in some ways downright criminal.  However, this information will do far more benefit to spurring the rest of us into updating systems more urgently.

Again, kudos to Heiko.

 

(1)
Who rated this post