158 Security De-engineering
supposedly aected Firewall-1 version 4.1 SP4 (not at all a recent
version), whereby it was supposedly possible to issue a client request
and receive a response that showed internal network addresses
“behind” the rewall. e consultant was asking for a false positive
check for this issue. e post was already 10 days old, and among
the comments and queries bouncing around, there was no sign of
any useful input. e time frame of 10 days was disturbing because
this vulnerability was well documented publicly, and it is covered in
Chris McNab’s Network Security Assessment book, which I consider
to be the bible for start-up penetration testers. A quick 10-minute
search engine eort turns up several write-ups