[fw-wiz] Phrack #60: "Java tears down the Firewall"
From: Mikael Olsson (mikael.olsson@clavister.com)
Date: 12/28/02
- Next message: Mike Scher: "Re: [fw-wiz] cyberguard performance?"
- Previous message: Mikael Olsson: "Re: [fw-wiz] cyberguard performance?"
- Next in thread: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
- Reply: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Mikael Olsson <mikael.olsson@clavister.com> To: fw-wiz <firewall-wizards@honor.icsalabs.com> Date: Sat Dec 28 19:40:17 2002
Just a quick heads up re: Java and FTP and firewalls.
Looks like someone finally unleashed this evil on the public:
(I've been having fun with this in pen tests for 2+ years now :P)
http://www.phrack.org/show.php?p=60&a=3
Item 5: "Java tears down the Firewall", about two thirds down the page.
If your firewall can be configured to restrict protected clients so that
they are only allowed to use passive mode FTP, now would be a good time
to do so.
Free clue for people using "ftp.exe": http://www.ncftp.com/ncftp/
-- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com
- Next message: Mike Scher: "Re: [fw-wiz] cyberguard performance?"
- Previous message: Mikael Olsson: "Re: [fw-wiz] cyberguard performance?"
- Next in thread: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
- Reply: Mikael Olsson: "Re: [fw-wiz] Phrack #60: "Java tears down the Firewall""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
