Who rated this post

cancel
Showing results for 
Search instead for 
Did you mean: 
Duane_Toler
Advisor

I disagree.  What @HeikoAnkenbrand posted was good for us all.  We need to know how to test our systems so we can appropriately handle them.  This information was being withheld from us all before now and caused widespread grief for many who were never affected (no IPsec VPN, or no Remote Access VPN service enabled, or no RemoteAccess community configured).  Many of us were/are affected, but we need to know how severely so we can issue the appropriate response.

Check Point's own Python test script was inaccurate and insufficient

I didn't know before Heiko's post.  Several customers had chosen to delay their response because of the information we had before then.  Once we knew this was actually a directory traversal attack (significantly different than "weak VPN user passwords" as we were lead to believe), I escalated this to all my customers and got them mitigated or properly emergency updated.

Heiko did a good service and should be thanked. (Thank you, Heiko).

This information absolutely will help attackers, but we should all know security-through-obscurity is foolish, irresponsible, and in some ways downright criminal.  However, this information will do far more benefit to spurring the rest of us into updating systems more urgently.

Again, kudos to Heiko.

 

(1)
Who rated this post