Enemy of the State (breaking Stateful Inspection based fw's)

["J. Oquendo" <sil () infiltrated net>]

Conceptual, theoretical, proof of concept thought on breaking Stateful
Inspection based failover firewall sessions. Still working on this, and
will re-do the wording when I have some free downtime but thought others
would like to get an idea of how it might/can be broken...

http://www.infiltrated.net/enemyofthestate.html

Might do some POC codework when I have some spare time, but what I would
really like are some packet dumps of Stateful sessions under different
firewalls. X'd out address dumps would be nice.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99

CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D

sil @ politrix . org    http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"How can we account for our present situation unless we
believe that men high in this government are concerting
to deliver us to disaster?" Joseph McCarthy "America's
Retreat from Victory"