From: Niels Taylor (niels.taylor@gmail.com)
Date: Thu Jan 26 2006 - 15:27:08 EST
Hello list, I hope this question is not too "newbie," and I am sure if it is
I will find out quickly. I am interested in ways an attacker could
circumvent outbound FTP restrictions on a FW. I have researched this a bit
but the information I am seeing is ambiguous, so I thought I'd take it
straight to the experts.
If a remote attacker gains command line access to a server (I am concerned
about a Microsoft 2000 SQL server specifically) that is behind a firewall,
and outbound FTP had been disabled at the FW, could the attacker use the MS
FTP "Open" command to specify a different, unrestricted outbound port (e.g
80 or 443) to transfer files, (assuming of course that his FTP server is
configured to listen on this port). Is this a viable scenario, and if not,
could he send files via another method? This question assumes no outbound
application layer inspection at the FW, so that it isn't able to see FTP
traffic on port 23, or 80, for instance.
Thank you for your help.
Niels Taylor
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT