Security Basics mailing list archives

Re: Firewall question - how easy is it to get thru - Proof

From: Robson de Oliveira Albuquerque <robsonalbuquerque () dte gov br>
Date: Wed, 16 Feb 2011 15:54:42 -0200

Hi Philippe.

There are several ways of doing that.

Normally these days, firewalls are based on a layer.
The most common are layer 3 (ip) and layer 4 (transport).
But are also firewalls in layer 2 (link) and layer 5 (application).

Most of the "known" firewalls are layer 3 and 4. Statefull and/or stateless.

If you have a firewall in front of your application and your
application has flaws, an attack won't even consider your firewall.
If you have a "insider" (infeccted machine) also it wont go through
your firewall if your servers are in the same "ip lan". And a lot more
options available.


To bypass IPS/IDS, there are several ways of doing that.
The common name are IPS/IDS evasion and a lot of tools can do that.

Regards.

Robson

On 14/2/2011 12:53, Rivest, Philippe wrote:

Quick question.

When I do an audit and when I find a major flaw or deficiency, IT always tells me "its because your in the internal
LAN, we have a firewall protecting us". I know you have all heard that. So I try to explain that you could attack
thru physical security, social engineering, virus and a lot of other ways and in the end I always add "Someone more
"expert" in Firewall could bypass it".

I don't really need a "how-to" but I'm looking for proof and a time frame on how long it normally takes for a real
hacker/cracker to attack and bypass (where possible) a Firewall control (IPS/IDS also!).

I know this is not a click-click your done type of job, but I know its possible.

Thanks for any links or advice!

Important:
Please note that my new email address is privest () transforcecompany com
Please note that my new website address is http://www.transforcecompany.com

SVP Veuillez noter que ma nouvelle adresse courriel est privest () transforcecompany com
SVP Veuillez noter que ma nouvelle adresse web est http://www.transforcecompany.com

Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+
TransForce Inc.
Internal auditor - Information security
Vérificateur interne - Sécurité de l'information
Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232

6600 Saint-François
Saint-Laurent (Quebec) H4S 1B7
Tel.: 514-331-4417

Fax: 514-856-7541
www.transforcecompany.com

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works,
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


-- 
___________________________________
Robson de Oliveira Albuquerque
Agência Brasileira de Inteligência
OpenPGP KeyID 261F3D80
___________________________________


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Vulnerability Data, (continued)
- Re: Vulnerability Data lonervamp (Feb 11)
  - RE: Vulnerability Data Mikhail A. Utin (Feb 15)
  - Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 15)
    - Re: Firewall question - how easy is it to get thru - Proof Francois Yang (Feb 15)
    - RE: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 17)
    - RE: Firewall question - how easy is it to get thru - Proof Mark Brunner (Feb 18)
    - Re: Firewall question - how easy is it to get thru - Proof Todd Haverkos (Feb 15)
    - Re: Firewall question - how easy is it to get thru - Proof Jan Muenther (Feb 15)
    - Re: Firewall question - how easy is it to get thru - Proof Max Chow (Feb 17)
    - Re: Firewall question - how easy is it to get thru - Proof Gichuki John Chuksjonia (Feb 18)
    - Re: Firewall question - how easy is it to get thru - Proof Robson de Oliveira Albuquerque (Feb 17)
    - Re: Firewall question - how easy is it to get thru - Proof Ansgar Wiechers (Feb 17)