Vulnerability Development mailing list archives
Enemy of the State (breaking Stateful Inspection based fw's)
From: "J. Oquendo" <sil () infiltrated net>
Date: Fri, 10 Dec 2004 22:00:28 -0500 (EST)
Conceptual, theoretical, proof of concept thought on breaking Stateful Inspection based failover firewall sessions. Still working on this, and will re-do the wording when I have some free downtime but thought others would like to get an idea of how it might/can be broken... http://www.infiltrated.net/enemyofthestate.html Might do some POC codework when I have some spare time, but what I would really like are some packet dumps of Stateful sessions under different firewalls. X'd out address dumps would be nice. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x51F9D78D Fingerprint 2A48 BA18 1851 4C99 CA22 0619 DB63 F2F7 51F9 D78D http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D sil @ politrix . org http://www.politrix.org sil @ infiltrated . net http://www.infiltrated.net "How can we account for our present situation unless we believe that men high in this government are concerting to deliver us to disaster?" Joseph McCarthy "America's Retreat from Victory"
Current thread:
- Enemy of the State (breaking Stateful Inspection based fw's) J. Oquendo (Dec 13)