oss-sec mailing list archives
Re: Attack on badly configured Netfilter-based firewalls
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 09 Mar 2012 22:49:21 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/09/2012 04:01 PM, Eric Leblond wrote:
Hello, On Mon, 2012-02-27 at 14:46 +0100, Eric Leblond wrote:Hello, On Mon, 2012-02-27 at 05:25 +0400, Solar Designer wrote:Eugene, all - On Mon, Feb 27, 2012 at 09:19:59AM +0800, Eugene Teo wrote:...e it to Eric much earlier),Eric would post to the list e.g. in January and ask for the issue to be kept private until March - thereby violating the list's maximum embargo period.The slides and videos of my CansecWest talk are available: http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/ I've done a complete description of the attack and also demonstrate the need to be careful with the use of helpers. BR,
Are there any specific issues for which you need CVE's? (haven't had time to view the slides yet, hopefully soon). - -- Kurt Seifried Red Hat Security Response Team (SRT) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPWuthAAoJEBYNRVNeJnmTIM8QAMJkVHzHjQOAGyKXuajUfwLo EHX2pd7gosTir5Bi5MB6IJFlzDBRDPzD9Sj3m3zc+pYdory/J0yS38/iwodm4qAZ M6i/MV0Fs6WB+WWYlgj/8wD3o+0vU2qaBkQ2Y6CUw+fh1EV+uB5eh/JiE4s2kLrc gmhM3tc/4ebAzJT0LD8IZKqVokRvSkNSLltcW13fLVY2+kJxy4Skf2NrqBdtkwDT 5C8d4CuGyOe6iJ9fWQ3B2PCC+pf4S9Ywmef5omJv6v9hzlqxm8DQ49vjkkTToK71 VHjsPHSLcJnGjm08NlEb8Yhvh+oDWWiAYosRT9nBtGSoFou+WZGXKdQOQcMRRwd2 7Iwng4VRUqzqYqa93SQ07974SfzscF6hs1QWslUWXqHZfStp95iY6SU/shCuEyX8 PerHjlmnyayq8EuJWb9Wvv7/4a7/BEfYduKC8fRbtRnbNpgwtIk3VEo2aLRHHfeh cVIwUEgkMHFH0jzBghVrHnkteHAH3B37YWjIt3VHc6n8BWr516s8uleoclrM1q5S 15fkrnjCbRGqjRPOnCzPzKP0g0kRqotmr8VbJpTd4i2JBMm7sZk9ip2+F+iJRw8d f4e2n2mfRW0X4uUVUXXyCX7fMZ3H0mR52FBhOD8+I+PwwHrbgRcgTjjXp0qzcl+Y fSFjEfrMd1BAwIHNW7Uz =KyjP -----END PGP SIGNATURE-----
Current thread:
- Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 25)
- Re: Attack on badly configured Netfilter-based firewalls Yves-Alexis Perez (Feb 25)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Eugene Teo (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Solar Designer (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 27)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Mar 09)
- Re: Attack on badly configured Netfilter-based firewalls ArkanoiD (Mar 09)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Mar 09)
- Re: Attack on badly configured Netfilter-based firewalls Kurt Seifried (Mar 09)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Yves-Alexis Perez (Feb 25)
- Re: Attack on badly configured Netfilter-based firewalls Jussi Eronen (Mar 02)
- Re: Attack on badly configured Netfilter-based firewalls Kurt Seifried (Mar 02)
- Re: Attack on badly configured Netfilter-based firewalls Jussi Eronen (Mar 20)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Solar Designer (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls Eric Leblond (Feb 26)
- Re: Attack on badly configured Netfilter-based firewalls yersinia (Feb 27)
- Re: Attack on badly configured Netfilter-based firewalls Sebastian Krahmer (Feb 27)
- Re: Attack on badly configured Netfilter-based firewalls ArkanoiD (Feb 27)