Re: [fw-wiz] Firewalls that generate new packets..

---

• From: Darren Reed <Darren.Reed@xxxxxxx>
• Date: Tue, 27 Nov 2007 19:56:19 -0800

---

Marcin Antkiewicz wrote:

...

Everyoen loves war stories: I do consulting sometimes, and last time it
was for a place with IDS, IPS, 3 AV subscriptions, HTTP proxy, split
horizon DNS, 2 (!) layers of firewalls (statefull), encrypted and
unencrypted wireless, NAC and traffic shaper. The bad guys still got in!
How you ask? Easy: via HTTP/s, dns, smtp (traffic on all the protocols
was proxied, in and out).

How was each protocol (HTTP, dns, smtp) used to get in?
Exploiting bugs in applications implementing each?
or...?

Darren

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

---

• References:
  • Re: [fw-wiz] Firewalls that generate new packets..
    • From: Darden, Patrick S.
  • Re: [fw-wiz] Firewalls that generate new packets..
    • From: Marcin Antkiewicz

• Prev by Date: Re: [fw-wiz] Firewalls that generate new packets..
• Next by Date: Re: [fw-wiz] Firewalls that generate new packets..
• Previous by thread: Re: [fw-wiz] Firewalls that generate new packets..
• Next by thread: Re: [fw-wiz] Firewalls that generate new packets..
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Firewall-Wizards  > 2007-11