Penetration Testing mailing list archives
Re: The magical invisible bridge
From: "Kurt Seifried" <bugtraq () seifried org>
Date: Thu, 14 Feb 2002 12:06:04 -0700
Hello all, I am wondering if anyone has any wisdom/experience to offer on the topic of discovering and or auditing a linux/openbsd bridge? This particular bridge is configured with no IP addresses so I have no way to scan or connect to it and arp isn't even revealing it's exsistance. Any experience on this topic would be greatly appreciated. Danka, ph00dr0w w1ls0n..
If you break a machine "directly" connected to it (i.e. on same hub/switch/cross over cable) you can at least send packets to it. If it is properly setup however it will not respond, unless there is some buffer overflow/etc in the tcp-ip stack (sort of like how people used to attack network IDS systems, send packets that would be inspected by the IDS, thus letting you attack it). Getting onto the admin network used to manage it (i.e. a third "real" interface) would do the trick but chances are that network is heavily protected. Thus the beauty of a properly setup firewall (bridge or not). To bad more aren't setup properly. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ http://www.idefense.com/digest.html ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- The magical invisible bridge ph00dy (Feb 14)
- Re: The magical invisible bridge Kurt Seifried (Feb 14)
- Re: The magical invisible bridge Rafael Coninck Teigao (Feb 15)