Security Basics mailing list archives

RE: Firewall question - how easy is it to get thru - Proof


From: "vedantamsekhar () gmail com" <vedantamsekhar () gmail com>
Date: Wed, 16 Feb 2011 15:36:35 +0000

If you are talking about network firewalls, they can look at the packet up to Layer 3 but can't protect against application-level 
attacks. Of course, some firewalls, like Check Point, have the SmartDefense concept, which they claim can protect against 
application-level attacks, but it is very limited.

Application-level attacks like remote code execution, SQL injection, buffer overflows, URL open redirects and many more 
can't be protected against by network firewalls. How easy it is really varies from application to application. Some coders are 
lazy enough that, for one application, I could even shut down the back-end database.
But if you are asking about bypassing firewalls to access vulnerable services of internal servers, I think we need to 
work hard... it's not so easy.

Hope this may have helped you...

Thanks,
Sekhar

Sent from my Nokia phone
-----Original Message-----
From: Francois Yang
Sent:  15/02/2011 9:43:07 pm
To: drmarkabaiter () gmail com
Cc: security-basics () securityfocus com
Subject:  Re: Firewall question - how easy is it to get thru - Proof

Read up on browser exploits and how they can bypass firewalls.
Once an internal computer is compromised it can be used as a launching
pad to attack internal servers.
Do you have any web filtering systems? Or IPS/IDS monitoring web access?
Is your network a flat LAN where your users are on the same LAN as
your critical servers?
How often are your servers and workstations updated?
Etc... there's more, but the browser exploit is a good example of how a
firewall is not good enough nowadays.
Also, what kind of FW do you have? A standard FW won't look at the
application layer, so someone can send anything through an open port.
Hope this helps a little.

Frank

On Mon, Feb 14, 2011 at 8:53 AM, Rivest, Philippe
<PRivest () transforcecompany com> wrote:
Quick question.

When I do an audit and when I find a major flaw or deficiency, IT always tells me "it's because you're in the internal 
LAN, we have a firewall protecting us". I know you have all heard that. So I try to explain that you could attack 
through physical security, social engineering, viruses and a lot of other ways, and in the end I always add "Someone more 
"expert" in firewalls could bypass it".

I don't really need a "how-to" but I'm looking for proof and a time frame on how long it normally takes for a real 
hacker/cracker to attack and bypass (where possible) a firewall control (IPS/IDS also!).

I know this is not a click-click-you're-done type of job, but I know it's possible.

Thanks for any links or advice!

Important:
Please note that my new email address is privest () transforcecompany com
Please note that my new website address is http://www.transforcecompany.com


Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+
TransForce Inc.
Internal auditor - Information security
Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232

6600 Saint-François
Saint-Laurent (Quebec) H4S 1B7
Tel.: 514-331-4417

Fax: 514-856-7541
www.transforcecompany.com




------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
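
The point made in this thread, that a filter matching only on addresses and ports passes whatever is sent to an allowed port, sketched as an added example (it is not part of any poster's message). The rule set, addresses, sample packets and the deliberately minimal signature are all constructed for illustration.

```python
import re
from dataclasses import dataclass
from urllib.parse import unquote_plus


@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes


# Hypothetical rule set: allow TCP/80 to one web server, drop everything else.
ALLOW_RULES = [{"dst": "10.0.0.10", "proto": "tcp", "dport": 80}]


def l3l4_filter(pkt):
    """Port-based decision: destination, protocol and port only; payload is never read."""
    return any(pkt.dst == r["dst"] and pkt.proto == r["proto"]
               and pkt.dport == r["dport"] for r in ALLOW_RULES)


# Minimal, intentionally incomplete signature; real application-layer
# inspection parses the protocol and uses far richer rules.
SQLI_HINT = re.compile(r"('|\")\s*(or|and)\s+['\"]?\w+['\"]?\s*=", re.I)


def app_layer_check(pkt):
    """Return True when the URL-decoded HTTP request line shows no SQLi hint."""
    request_line = pkt.payload.split(b"\r\n", 1)[0].decode("latin-1")
    return SQLI_HINT.search(unquote_plus(request_line)) is None


def verdicts(pkt):
    """(passes port filter, passes application-layer check)"""
    return l3l4_filter(pkt), app_layer_check(pkt)


# Constructed sample traffic (documentation address ranges, made-up host name).
BENIGN = Packet("203.0.113.5", "10.0.0.10", "tcp", 80,
                b"GET /item?id=42 HTTP/1.1\r\nHost: shop.example\r\n\r\n")
TAMPERED = Packet("203.0.113.5", "10.0.0.10", "tcp", 80,
                  b"GET /item?id=42%27+OR+%271%27%3D%271 HTTP/1.1\r\nHost: shop.example\r\n\r\n")
DB_DIRECT = Packet("203.0.113.5", "10.0.0.10", "tcp", 3306, b"")

if __name__ == "__main__":
    for name, pkt in [("benign", BENIGN), ("tampered", TAMPERED), ("db-direct", DB_DIRECT)]:
        print(name, verdicts(pkt))
```

The tampered request and the benign one are indistinguishable to the port filter; only the check that reads the request line separates them, while the direct connection to the database port is the one case the port filter stops.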


