Full Disclosure mailing list archives
RE: Re[2]: Personal firewalls.
From: William DeRieux <williamderieux () gmail com>
Date: Fri, 20 Jan 2006 18:22:04 -0500
Any self-respecting network administrator, (who knows what he/she is doing), would have planned for that And setup some kind of overideing ruleset, that will allways allow communiction to/from it's own resources. A.K.A, the "BLACKHOLE / IP BANNING" would be overiden for IP's & resources, like that of it's DNS Servers. But, that could, too, be exploited. If Z spoofs packets using the ip of the DNS Server (the one that is not banned because of the overide or 'never ban these ips, etc') Would be allowed to send those packets, SYN Packet, etc, as was stated, ad infinitum. As, they say, no computer or server is ever, *TRULY*, secure - even with a software or hardware firwall, or 'voodoo-like' security measures. Digitalchaos (just my 2 cents) -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Thierry Zoller Sent: Friday, January 20, 2006 5:58 PM To: full-disclosure () lists grok org uk Subject: Re[2]: [Full-disclosure] Personal firewalls. Dear Eliah Kagan, EK> Then Z comes along and sends a EK> bunch of SYN packets to X, spoofed to have the source IP of Y, waits EK> 10 minutes, and repeats ad infinitum. Z sends spoofed packets coming from the DNS server of X even more interesting.. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.21/236 - Release Date: 1/20/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.21/236 - Release Date: 1/20/2006 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Personal firewalls. Soderland, Craig (Jan 20)
- Re: Personal firewalls. Eliah Kagan (Jan 20)
- Re[2]: Personal firewalls. Thierry Zoller (Jan 20)
- Re: Re[2]: Personal firewalls. Eliah Kagan (Jan 20)
- Re: Re[2]: Personal firewalls. Dude VanWinkle (Jan 21)
- RE: Re[2]: Personal firewalls. William DeRieux (Jan 20)
- Re[2]: Personal firewalls. Thierry Zoller (Jan 20)
- Re: Personal firewalls. Eliah Kagan (Jan 20)
- Message not available
- Re: Personal firewalls. Nancy Kramer (Jan 20)
- <Possible follow-ups>
- Re: Personal firewalls. Eliah Kagan (Jan 23)