Firewall Wizards mailing list archives
Re: Free Firewalls? Thoughts...
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Sat, 10 May 2003 19:27:07 +0200
David Lang wrote:
the advantage [of halted-mode operation firewalls] is that even if you are running from a floppy you have a full userspace environment to run programs in, once the machine has halted you don't even have init, the only thing that is running is the kernel passing traffic.
I'd just like to point out here, in case someone has missed it, that this is still exploitable. Buffer overruns or format string attacks or whatnot are still just as effective attacks; the CPU is still executing code, and code can still be injected.

Of course, "meaningful" exploitation becomes harder because of the obstacles mentioned, so this is (still) an effective deterrent for the everyday script kiddie, and an effective means of keeping cluon-challenged coworkers from running stuff on the firewall. And, of course, you're eliminating the risk of "ooops, did I leave RPC running?".

I'm just saying that, for determined attackers, and assuming there's something in the firewall or kernel to attack, it's still doable. And since some people are in the habit of publishing point-and-click attack tools once they've coded them ... :/

--
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00
Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50
WWW: http://www.clavister.com