Bugtraq mailing list archives
Re: FireWall-1 FTP Server Vulnerability
From: dugsong () MONKEY ORG (Dug Song)
Date: Fri, 18 Feb 2000 23:27:26 -0500
On Fri, 18 Feb 2000, Mikael Olsson wrote:
The only solution that even begins to look "good" is to completely reassemble the TCP stream and not make "educated" guesses about what packet data belongs on what line and in which order and state of the FTP protocol.
inspecting TCP application data within individual IP packets is a basic layer violation. network IDSs also suffer from this problem, only worse. fragrouter demonstrates this nicely. reassembling the TCP stream will only get you so far - your proxy still needs to actually implement the application protocol correctly. i'm releasing a 'fragproxy' tool soon to demonstrate this. but for now, an ObLameExploit: http://www.monkey.org/~dugsong/ftp-ozone.c.txt -d. --- http://www.monkey.org/~dugsong/
Current thread:
- Re: FireWall-1 FTP Server Vulnerability Lars.Troen () MERKANTILDATA NO (Feb 12)
- Re: FireWall-1 FTP Server Vulnerability Alexandru Popa (Feb 14)
- Re: FireWall-1 FTP Server Vulnerability monti (Feb 14)
- Re: FireWall-1 FTP Server Vulnerability Henrik Nordstrom (Feb 15)
- DDoS whitepaper Bennett Todd (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability Mikael Olsson (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability Emiliano Kargieman (Feb 18)
- Patch Available for "Site Wizard Input Validation" Vulnerability Microsoft Product Security (Feb 18)
- Re: FireWall-1 FTP Server Vulnerability Dug Song (Feb 18)
- Re: FireWall-1 FTP Server Vulnerability Henrik Nordstrom (Feb 15)
- Re: FireWall-1 FTP Server Vulnerability Borbely Zoltan (Feb 15)
- Re: FireWall-1 FTP Server Vulnerability monti (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability Peter Benie (Feb 16)
- Re: FireWall-1 FTP Server Vulnerability Nick FitzGerald (Feb 17)
- ANN: Bruce 1.0ea2: Networked Host-Vulnerability Scanner for Solaris & Linux Alec Muffett (Feb 17)
- <Possible follow-ups>
- Re: FireWall-1 FTP Server Vulnerability der Mouse (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability chess () US IBM COM (Feb 18)