Full Disclosure mailing list archives

Re: Empirical data surrounding guards and firewalls.

From: Peter Besenbruch <prb () lava net>
Date: Thu, 02 Sep 2004 12:58:44 -1000

A truly twisted sense of humor. Thank you.

evol () ruiner halo nu wrote:

Evol would like to share empirical data gained today.  Evol believes this
make internet community much happy, and make the Mr. Peter not regulate.
So what happened?  Evol explains:

Target:
------
        -Firewall
        -McDonald's guard

Materials:
---------
        -(1) Evol
        -(1) Shoes
        -(1) Shirt
        -(1) Computer
        -(1) Internet connection
        -(1) Firewalled host

Procedure:
---------
For each target, undergo the following steps:

        1.) Enumerate an acceptable entrance policy.
        2.) Attempt to enter while following entrance policy.

Data:
-----
        Firewall:
        --------
                The firewall at internet host www.mcdonalds.com accepts
                connections to TCP/IP port 80.  Rules are similar to 'DENY
                ALL EXCEPT TCP PORT 80'  So make connection to port 80 and
                note results.
        Results:
        -------
                Normal transaction was accepted.  See results:

                HTTP/1.1 400 Bad request
                Server: Netscape-Enterprise/4.1
                Date: Thu, 02 Sep 2004 XX:XX:XX GMT
                Content-length: 147
                Content-type: text/html
                Connection: close

        Store:
        -----
                The store at the location closest to me was chosen as a
                specific target.  The entrance policy is:
                'IF (NOT SHOES) OR (NOT SHIRT) DENY'
                So, evol enters store with only shoes and a shirt.

        Data:
        ----
                Evol was rejected conduction of normal buisness.  No
                Big Mac today, get out!  Then, when Evol tries to
                proceed anyway, cops take Evol out of McDonalds.

        Conclusion:
        ----------
                People and firewalls are different.

Thanks Internet Community, hope much hapiness for you.

-Evol

________________________________________________________________

Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Empirical data surrounding guards and firewalls. evol (Sep 02)
- Re: Empirical data surrounding guards and firewalls. Peter Besenbruch (Sep 02)
- Re: Empirical data surrounding guards and firewalls. James Tucker (Sep 02)
  - Re: Empirical data surrounding guards and firewalls. evol (Sep 02)
    - Re: Empirical data surrounding guards and firewalls. James Tucker (Sep 02)
    - Re: Empirical data surrounding guards and firewalls. Byron L. Sonne (Sep 07)
    - Message not available
    - Re: Empirical data surrounding guards and firewalls. Byron L. Sonne (Sep 08)
    - Re: Empirical data surrounding guards and firewalls. Michael Simpson (Sep 09)
    - Re: Empirical data surrounding guards and firewalls. Andrew Farmer (Sep 09)
    - Re: Empirical data surrounding guards and firewalls. gadgeteer (Sep 09)
    - Re: Re: Empirical data surrounding guards and firewalls. Vincent Archer (Sep 10)
    - Re: Re: Empirical data surrounding guards and firewalls. gadgeteer (Sep 10)

(Thread continues...)