Full Disclosure mailing list archives
Re: How to easily bypass a firewall...
From: "CHeeKY" <cheekypeople () sec33 com>
Date: Tue, 29 Jul 2003 20:21:36 +0100
know if the scene since hacks began Paul, if you insist on a layer 7 firewall then thats your failing, for home users minimal should be NAT router with a layer 7 firewall, other build ya own ipcop or openbsd on a 386 or higher, that way you can bring in ids and have layers, or at least become a checkpoint man as I am and have that at home on ipso hehehe, seriously at the end of the day, the patches and your own common sense relating to opsys hardening and understanding your system and what you put on it, should do you the best. All it comes down to is being bothered and having common sense, putting anything on the net now, should be protected to hell, that is a absolute must, not something you do later, most hacks from the scene or becuase people either dont have the common sense or cant be bother, then they their own worst enemy. ------------------------------------------------------------------------- FIGHT BACK AGAINST SPAM! Download Spam Inspector, the Award Winning Anti-Spam Filter http://mail.giantcompany.com ----- Original Message ----- From: "Schmehl, Paul L" <pauls () utdallas edu> To: <full-disclosure () lists netsys com> Sent: Tuesday, July 29, 2003 6:38 PM Subject: RE: [Full-disclosure] How to easily bypass a firewall...
-----Original Message----- From: compguruman () mail comcast net [mailto:compguruman () mail comcast net] Sent: Tuesday, July 29, 2003 11:02 AM To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] How to easily bypass a firewall... At 03:49 PM 7/28/2003 -0500, you wrote:5. Firewall dialog box uses random numbers / letters represented by graphics that the user has to enter in a password field ifthe passwordis not correct sound alarm, halt system.know of anything that does this?Would it matter? The scenario that was proposed is that there's a trojan on the box, and it can attempt certain methods of programmatically disabling the firewall. If there's a trojan on the box, what does it matter? *Anything* on the box can be disabled at that point. If I break in to a Linux box, for example, all I have to do, once I have root, is type: % /etc/rc.d/init.d/ipchains stop If it's a Windows box, I just kill the service: C:\ sc stop {firewall servicename} Or install the pstools to do it. The point is, once the box is owned, nothing else matters. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How to easily bypass a firewall... Sir Humpsalot (Jul 28)
- RE: How to easily bypass a firewall... Nate Johnson (Jul 28)
- RE: How to easily bypass a firewall... compguruman (Jul 29)
- Re: How to easily bypass a firewall... Kain (Jul 29)
- Re: How to easily bypass a firewall... Karl DeBisschop (Jul 29)
- RE: How to easily bypass a firewall... compguruman (Jul 29)
- RE: How to easily bypass a firewall... Nate Johnson (Jul 28)
- <Possible follow-ups>
- RE: How to easily bypass a firewall... Schmehl, Paul L (Jul 29)
- Re: How to easily bypass a firewall... CHeeKY (Jul 29)
- RE: How to easily bypass a firewall... Sir Humpsalot (Jul 29)