I don't know if this is related, but I know WinRoute 2.x had hard coded built in connection throttling, even doing an nmap SYN scan from INSIDE the firewall would DoS yourself. I don't know how much of the codebase is shared between the two products, but I'd expect they mostly are the same. This has been an issue for a long time if this is indeed the same thing. On Mon, 26 Aug 2002 21:59:22 +0800 "Abraham Lincoln" <sunninja@scientist.com> wrote: > > Test bed: > [*Nix b0x with Synflooder] <===[10/100mbps switch===> [Host with KPF] > > 1] DoS vulnerability with Kerio Personal Firewall 2.x.x Default Installation > - KPF is vulnerable with Synflood attack by sending minimum of 300 syn packets the target host will stop from responding, 100% of the CPU utilization will be consumed and eventually hangs-up the machine. > > 2] Setting the Personal firewall to High Security and Block all services and Protocols. > - It is quite similar to the first one but the personal firewall is configured to block all services and protocols. After sending a minimum of 500 syn packets from port 1-1024. The host will stop from responding, 100% of the CPU utilization will be consumed.
