Full Disclosure mailing list archives
Re: Sony: No firewall and no patches
From: Bruno Cesar Moreira de Souza <bcmsouza () yahoo com br>
Date: Tue, 10 May 2011 08:56:47 -0700 (PDT)
--- On May 10, 2011, Dobbins, Roland <rdobbins () arbor net> wrote:
On May 10, 2011, at 8:53 PM, Bruno Cesar Moreira de Souza wrote:The stateless ACLs would not prevent ACK tunneling (http://ntsecurity.nu/papers/acktunneling/).Again, if an attacker's already in a position to do that, the game is already over.
The game is over for this compromised server. However, the attacker possibly wants to attack other servers in the network and then compromise sensitive database servers. If the compromised server is not behind a stateful firewll, it will be easier to create a tunnel to access unauthorised ports (such as database network services) and attack other servers. In the worst case, the attacker may be able to penetrate the internal network through this tunnel. It would be possible to create a covert channel through a stateful firewall? Yes, but if the firewall is well configured, you increase the complexity of the attack and there is more chance the attack will be detected. Additionally, using a covert channel, the attacker can create a backdoor to keep his access. Even if the exploited vulnerability is fixed in a short time, the attacker will still be able to easily control the compromised server. And perhaps his access will keep unnoticed for a long time. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Sony: No firewall and no patches, (continued)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 09)
- Re: Sony: No firewall and no patches Pete Smith (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Bruno Cesar Moreira de Souza (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Bruno Cesar Moreira de Souza (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches Thor (Hammer of God) (May 10)
- Re: Sony: No firewall and no patches Ivan . (May 10)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 10)
- Re: Sony: No firewall and no patches phocean (May 11)
- Re: Sony: No firewall and no patches Dobbins, Roland (May 11)