Penetration Testing mailing list archives

Re: [PEN-TEST] Non-routable IP weaknesses?

From: Philipp Buehler <lists () fips de>
Date: Thu, 21 Dec 2000 11:56:51 +0100

On 20/12/2000, Frank Darden <fdarden () LOCKED COM> wrote To PEN-TEST () SECURITYFOCUS COM:

Plenty of interesting things. We once broke through a misconfigured Raptor
firewall. Once we learned they were using 10.1.10.0 on their inside net, we
configured our browser to use their firewall as a proxy, then began hand
typing http://10.1.10.1,.2,.3 etc.. This proved to be very fruitful for us

Yet another point I strongly discourage the usage of Proxy-services on a
filtering enforcment module. All these 'single point' constructs are *very*
susceptible for any misconfiguration.

ciao
--
Philipp Buehler, aka fIpS | sysfive.com GmbH | BOfH | NUCH | <double-p>
%SYSTEM-F-TOOEARLY, please contact your sysadmin at a sensible time.
Artificial Intelligence stands no chance against Natural Stupidity.
           [X] <-- nail here for new monitor

Current thread:

[PEN-TEST] Non-routable IP weaknesses? Thomas Reinke (Dec 20)
- Re: [PEN-TEST] Non-routable IP weaknesses? M Schubert (Dec 20)
- Re: [PEN-TEST] Non-routable IP weaknesses? batz (Dec 20)
- <Possible follow-ups>
- Re: [PEN-TEST] Non-routable IP weaknesses? Frank Darden (Dec 20)
  - Re: [PEN-TEST] Non-routable IP weaknesses? Philipp Buehler (Dec 21)