Security Basics mailing list archives
RE: Firewall question - how easy is it to get thru - Proof
From: "vedantamsekhar () gmail com" <vedantamsekhar () gmail com>
Date: Wed, 16 Feb 2011 15:36:35 +0000
If you are talking about network firewalls, they can look up the packet up to Layer 3 but can't protect against application-level attacks. Of course, some firewalls like Check Point have the SmartDefense concept, with which they claim they can protect against application-level attacks, but it is very limited. Application-level attacks like remote code execution, SQL injection, buffer overflows, URL open redirects and many more can't be protected against by network firewalls.

How easy... it really varies from application to application. Some coders are lazy enough that, for one of the applications, I could even shut down the back-end database.

But if you are asking about bypassing firewalls to access vulnerable services of internal servers, I think we need to work hard... it's not so easy.

Hope it may have helped you...

Thanks,
Sekhar

Sent from my Nokia phone

-----Original Message-----
From: Francois Yang
Sent: 15/02/2011 9:43:07 pm
To: drmarkabaiter () gmail com
Cc: security-basics () securityfocus com
Subject: Re: Firewall question - how easy is it to get thru - Proof

Read up on browser exploits and how they can bypass firewalls. Once an internal computer is compromised, it can be used as a launching pad to attack internal servers.

Do you have any web filtering systems? Or IPS/IDS monitoring web access? Is your network a flat LAN where your users are on the same LAN as your critical servers? How often are your servers and workstations updated? Etc. There's more, but the browser exploit is a good example of how a firewall is not good enough nowadays.

Also, what kind of FW do you have? A standard FW won't look at the application layer, so someone can send anything thru an open port.

Hope this helps a little.

Frank

On Mon, Feb 14, 2011 at 8:53 AM, Rivest, Philippe <PRivest () transforcecompany com> wrote:
Quick question.

When I do an audit and when I find a major flaw or deficiency, IT always tells me "it's because you're in the internal LAN, we have a firewall protecting us". I know you have all heard that. So I try to explain that you could attack thru physical security, social engineering, virus and a lot of other ways, and in the end I always add "Someone more "expert" in Firewall could bypass it".

I don't really need a "how-to", but I'm looking for proof and a time frame on how long it normally takes for a real hacker/cracker to attack and bypass (where possible) a Firewall control (IPS/IDS also!). I know this is not a click-click you're done type of job, but I know it's possible.

Thanks for any links or advice!

Important:
Please note that my new email address is privest () transforcecompany com
Please note that my new website address is http://www.transforcecompany.com

Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+
TransForce Inc.
Internal auditor - Information security
Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232
6600 Saint-François
Saint-Laurent (Quebec) H4S 1B7
Tel.: 514-331-4417
Fax: 514-856-7541
www.transforcecompany.com

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Current thread:
- RE: Firewall question - how easy is it to get thru - Proof vedantamsekhar () gmail com (Feb 17)
- <Possible follow-ups>
- RE: Re: Firewall question - how easy is it to get thru - Proof Shane Anglin (Feb 17)
- RE: Re: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 17)
- RE: Re: Firewall question - how easy is it to get thru - Proof Omar Salvador Alcalá Ruiz (Feb 18)
- Re: Re: Firewall question - how easy is it to get thru - Proof John Morrison (Feb 18)
- RE: Re: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 18)
- Re: Re: Firewall question - how easy is it to get thru - Proof John Morrison (Feb 18)
- Windows Authentication Robert . Yung (Feb 22)
- RE: Re: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 17)