Re: [fw-wiz] Variations of firewall ruleset bypass via FTP
From: Darren Reed (darrenr@reed.wattle.id.au)
Date: 10/11/02
- Next message: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Previous message: R. DuFresne: "[fw-wiz] source search;"
- In reply to: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Next in thread: Carson Gaspar: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Darren Reed <darrenr@reed.wattle.id.au> To: Mikael Olsson <mikael.olsson@clavister.com> Date: Fri Oct 11 07:55:59 2002
Another addendum to add to this story, a quick check of some ftp
daemons shows they will convert the response to (at least HELP)
into uppercase. The IPFilter ftp proxy will not accept that as
a valid response from a PASV.
e.g.
$ telnet solaris8 ftp
220 solaris8 FTP server (SunOS 5.8) ready.
HELP 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
502 Unknown command 227 ENTERING PASSIVE MODE (H1,H2,H3,H4,P1,P2).
So if I may reiterate what I said earlier, what the firewall does
for data going from the ftp server is not isolated in this problem
from what the ftp server does to the input.
Darren
- Next message: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Previous message: R. DuFresne: "[fw-wiz] source search;"
- In reply to: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Next in thread: Carson Gaspar: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
