Re: By passing surf control

["Zach Forsyth" <Zach.Forsyth () kiandra com>]

> -----Original Message-----
> From: Lewis GySgt Richard C [mailto:LewisRC () 29palms usmc mil]
> Sent: Thursday, 26 February 2004 9:14 AM
> Subject: RE: By passing surf control
>
> Kuda,
>
>       There is an exploit by changing the requested sites IP address
to 
> octal format. Read more here:
>
> http://cert.uni-stuttgart.de/archive/bugtraq/2001/03/msg00305.html
>
> There is also an exploit by sending the request in multiple packets. 
> Read more here:
>
> http://www.securityfocus.com/bid/2910
>
> There is another exploit by appending a "." to the end of the 
> requested site. Read more here:
>
> http://www.securiteam.com/securityreviews/5SP010U0KQ.html
>
> Hope this helps,
> Richard Lewis
> GSEC, Security+, CCNA, MCP

The octal obfuscation and most other obfuscation techniques have been
fixed in surfcontrol long ago.
Those posts were from 2001 anyways...

Not sure on the proxy stuff as there are so many different ways to
proxy.
I can test it internally just need some time to do it.

The "." vuln is also non existant anymore.

Cheers

Zach







---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_pen-test_040201
----------------------------------------------------------------------------