From: seclt yuri (secltyuri@yahoo.com)
Date: Tue Sep 25 2007 - 22:29:19 EDT
Yes but this effectively means that fragmentation
attacks are useless if launched across the 'Net and
when performing a penetration test without local
access.
Also, even internal host systems are usually
segregated from servers and server vlans by a
firewall, so even then, I can't see how fragmentation
attacks would be effective. The only scenario that I
can think of would be within the same subnet or vlan
where traffic doesn't pass through a firewall.
Please correct me if I am wrong. Thank you.
--- Harry Hoffman <hhoffman@ip-solutions.net> wrote:
> yep, unfortunately not enough people using host
> based firewalls and alot
> of attacks happen inside of where the firewall
> protects (i.e. local lan)
>
> seclt yuri wrote:
> > Hi,
> > I was just reading up on fragmentation attacks
> using
> > fragrouter and fragrouter as a mean of IDS/IPS
> > evasion. However, since almost all firewalls both
> > commercial and free (iptables for examples) now
> have
> > support for fragment reassembly, are fragmentation
> > attacks still effective? Thanks.
> >
> >
> >
> >
>
____________________________________________________________________________________
> > Need a vacation? Get great deals
> > to amazing places on Yahoo! Travel.
> > http://travel.yahoo.com/
> >
> >
> >
>
------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution
> FREE today!
> >
> > http://www.cenzic.com/downloads
> >
>
------------------------------------------------------------------------
> >
>
>
------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE
> today!
>
> http://www.cenzic.com/downloads
>
------------------------------------------------------------------------
>
>
____________________________________________________________________________________
Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:08 EDT