Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Phrack #60: "Java tears down the Firewall"

From: Mikael Olsson <mikael.olsson () clavister com>
Date: Sat, 28 Dec 2002 23:38:13 +0100

Just a quick heads up re: Java and FTP and firewalls.
Looks like someone finally unleashed this evil on the public:
(I've been having fun with this in pen tests for 2+ years now :P)

http://www.phrack.org/show.php?p=60&a=3

Item 5: "Java tears down the Firewall", about two thirds down the page.


If your firewall can be configured to restrict protected clients so that
they are only allowed to use passive mode FTP, now would be a good time 
to do so.

Free clue for people using "ftp.exe": http://www.ncftp.com/ncftp/ 

-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: