Security Basics mailing list archives
RE: Firewall question - how easy is it to get thru - Proof
From: "Rivest, Philippe" <PRivest () transforcecompany com>
Date: Tue, 15 Feb 2011 20:52:45 +0000
Hi, I'D like to thank everyone for your very good answers. I'm however looking for a proof of concept on how easy/quick it would be for a hacker/cracker to bypass a firewall. Lets take a generic Checkpoint or what ever you want. I know of a few ways to bypass layer 3 controls, such as web browsers and applications issues. The outbound solution provided earlier is really true! But lets say they do all that. They have a single PC and a Firewall and an Internet connexion. How hard (proof) would it be to just attack the FW and get thru it? Without any circumvention. Just plain "brute force" :P I dont care too much about detection. I'm looking for the level of difficulty & the time frame. Any documents would be more than appreciated! Thanks :P Important: Please note that my new email address is privest () transforcecompany com Please note that my new website address is http://www.transforcecompany.com SVP Veuillez noter que ma nouvelle adresse courriel est privest () transforcecompany com SVP Veuillez noter que ma nouvelle adresse web est http://www.transforcecompany.com Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+ TransForce Inc. Internal auditor - Information security Vérificateur interne - Sécurité de l'information Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232 6600 Saint-François Saint-Laurent (Quebec) H4S 1B7 Tel.: 514-331-4417 Fax: 514-856-7541 www.transforcecompany.com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Francois Yang Sent: 15 février 2011 11:13 To: drmarkabaiter () gmail com Cc: security-basics () securityfocus com Subject: Re: Firewall question - how easy is it to get thru - Proof Read up on browser exploit and how it can bypasses firewalls. once an internal computer is compromised it can be used as a launching pad to attack internal servers. Do you have any web filtering systems? or ips/ids monitoring web access? Is your network a flat lan where your users are on the same lan as your critical servers? how often are your servers and workstation updated? etc.....there's more, but the browser exploit is a good example how a firewall is not good enough now days. Also what kind of FW do you have? a standard FW won't look at the application layer so someone can send anything thru an open port. hope this helps a little. Frank On Mon, Feb 14, 2011 at 8:53 AM, Rivest, Philippe <PRivest () transforcecompany com> wrote:
Quick question. When I do an audit and when I find a major flaw or deficiency, IT always tells me "its because your in the internal LAN, we have a firewall protecting us". I know you have all heard that. So I try to explain that you could attack thru physical security, social engineering, virus and a lot of other ways and in the end I always add "Someone more "expert" in Firewall could bypass it". I don't really need a "how-to" but I'm looking for proof and a time frame on how long it normally takes for a real hacker/cracker to attack and bypass (where possible) a Firewall control (IPS/IDS also!). I know this is not a click-click your done type of job, but I know its possible. Thanks for any links or advice! Important: Please note that my new email address is privest () transforcecompany com Please note that my new website address is http://www.transforcecompany.com SVP Veuillez noter que ma nouvelle adresse courriel est privest () transforcecompany com SVP Veuillez noter que ma nouvelle adresse web est http://www.transforcecompany.com Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+ TransForce Inc. Internal auditor - Information security Vérificateur interne - Sécurité de l'information Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232 6600 Saint-François Saint-Laurent (Quebec) H4S 1B7 Tel.: 514-331-4417 Fax: 514-856-7541 www.transforcecompany.com ---------------------------------------------------------------------- -- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4 42f727d1 ---------------------------------------------------------------------- --
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Vulnerability Data Maverick (Feb 11)
- Re: Vulnerability Data Richard Thomas (Feb 11)
- Re: Vulnerability Data Brad Bemis (Feb 15)
- Re: Vulnerability Data Saif El Sherei (Feb 15)
- Re: Vulnerability Data Jeffrey Walton (Feb 15)
- Re: Vulnerability Data Jeffrey Walton (Feb 15)
- <Possible follow-ups>
- Re: Vulnerability Data lonervamp (Feb 11)
- RE: Vulnerability Data Mikhail A. Utin (Feb 15)
- Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Francois Yang (Feb 15)
- RE: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 17)
- RE: Firewall question - how easy is it to get thru - Proof Mark Brunner (Feb 18)
- Re: Firewall question - how easy is it to get thru - Proof Todd Haverkos (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Jan Muenther (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Max Chow (Feb 17)
- Re: Firewall question - how easy is it to get thru - Proof Gichuki John Chuksjonia (Feb 18)
- Re: Firewall question - how easy is it to get thru - Proof Robson de Oliveira Albuquerque (Feb 17)
- Re: Firewall question - how easy is it to get thru - Proof Ansgar Wiechers (Feb 17)