From: crazy frog crazy frog (i.m.crazy.frog@gmail.com)
Date: Mon Oct 17 2005 - 18:40:16 EDT
chris.
can u give more info on firewall bypassing?
regards,
On 10/16/05, Chris Brenton <cbrenton@chrisbrenton.org> wrote:
> On Sat, 2005-10-15 at 09:38 +0100, hannibal blog wrote:
> >
> > I'm wondering how can we pass through a firewall that is using Network
> > Adress Translation for the internal network?
>
> Spend some time reading up on loose source routing (LSR). I've found
> that some of the cheap/home NAT based firewalls I've tested (about half
> in a study I did 3 years ago) can be traversed by bouncing LSR packets
> off of them.
>
> High end firewalls are pretty safe, but some still have issues. For
> example I *think* it was Netscreen firewall I ran into problems with
> during a pen test. LSR packets trying to bounce off the firewall were
> correctly dropped, but LSR packets attempting to bounce off of an
> internal host were permitted through. This let me LSR TCP/80 packets off
> of an internal Web server and redirect them to TCP/80 used to manage an
> internal switch.
>
> > Is firewalk still useful in this case ?
>
> Not really. Firewalk needs access to the final IP in order to produce
> accurate data. Of course that begs the question, "Can you firewalk LSR
> packets?". hummm..... ;-)
>
> HTH,
> Chris
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
-- ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:04 EDT