RE: Re[2]: [Full-disclosure] Personal firewalls.



Any self-respecting network administrator (who knows what he/she is doing)
would have planned for that
and set up some kind of overriding ruleset that will always allow
communication to/from its own resources.
A.K.A. the "BLACKHOLE / IP BANNING" would be overridden for IPs & resources
like that of its DNS servers.
But that could, too, be exploited.
If Z spoofs packets using the IP of the DNS server (the one that is not
banned because of the override or 'never ban these IPs, etc'),
Z would be allowed to send those packets, SYN packets, etc., as was stated, ad
infinitum.

As they say, no computer or server is ever *TRULY* secure - even with a
software or hardware firewall, or 'voodoo-like' security measures.
Digitalchaos
(just my 2 cents)
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Thierry
Zoller
Sent: Friday, January 20, 2006 5:58 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re[2]: [Full-disclosure] Personal firewalls.


Dear Eliah Kagan,

EK> Then Z comes along and sends a
EK> bunch of SYN packets to X, spoofed to have the source IP of Y, waits
EK> 10 minutes, and repeats ad infinitum.

Z sends spoofed packets coming from the DNS server of X even more
interesting..

--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.21/236 - Release Date: 1/20/2006
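
The trade-off discussed in this thread, as an added example that is not part of the original messages: a toy model of an auto-banning firewall with and without a "never ban" override for its DNS server. The class name, the SYN threshold and the address are assumptions, and the traffic is constructed; only the 10-minute ban comes from the quoted text.

```python
# Added example: toy model of the auto-ban firewall discussed in this thread.
# Threshold, address and class name are assumptions; all packets are constructed.
from collections import defaultdict

BAN_SECONDS = 600      # "waits 10 minutes" in the quoted message
SYN_THRESHOLD = 5      # assumed: SYNs from one source before it is banned


class AutoBanFirewall:
    def __init__(self, never_ban=()):
        self.never_ban = set(never_ban)   # override list, e.g. own DNS servers
        self.syn_count = defaultdict(int)
        self.banned_until = {}

    def handle(self, now, src, kind):
        """Verdict for one packet; src is only the *claimed* source IP."""
        if self.banned_until.get(src, 0) > now:
            return "drop"
        if kind == "syn" and src not in self.never_ban:
            self.syn_count[src] += 1
            if self.syn_count[src] >= SYN_THRESHOLD:
                # The firewall cannot tell a spoofed source from a real one,
                # so the ban lands on whoever owns the claimed address.
                self.banned_until[src] = now + BAN_SECONDS
                self.syn_count[src] = 0
                return "drop"
        return "accept"


def run_scenario(never_ban):
    """Constructed traffic: 20 SYNs claiming the DNS server's IP, then one
    genuine DNS reply. Returns (SYNs accepted, verdict for the reply)."""
    dns = "192.0.2.53"                    # constructed address (TEST-NET-1)
    fw = AutoBanFirewall(never_ban)
    accepted = sum(fw.handle(t, dns, "syn") == "accept" for t in range(20))
    reply = fw.handle(30, dns, "dns-reply")
    return accepted, reply


if __name__ == "__main__":
    # Without the override the real DNS server ends up banned.
    print("no override  :", run_scenario(()))
    # With the override nothing claiming that IP is ever filtered.
    print("with override:", run_scenario({"192.0.2.53"}))
```

Both outcomes follow from the same cause: the ban decision is keyed on a source address that the sender controls.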

