Enemy of the State (breaking Stateful Inspection based fw's)
From: J. Oquendo (sil_at_infiltrated.net)
Date: 12/11/04
- Previous message: Debasis Mohanty: "MS IE User's Authentication Details (userid/password) Sharing Issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Dec 2004 22:00:28 -0500 (EST) To: vuln-dev@securityfocus.com
Conceptual, theoretical, proof of concept thought on breaking Stateful
Inspection based failover firewall sessions. Still working on this, and
will re-do the wording when I have some free downtime but thought others
would like to get an idea of how it might/can be broken...
http://www.infiltrated.net/enemyofthestate.html
Might do some POC codework when I have some spare time, but what I would
really like are some packet dumps of Stateful sessions under different
firewalls. X'd out address dumps would be nice.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99
CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D
sil @ politrix . org http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net
"How can we account for our present situation unless we
believe that men high in this government are concerting
to deliver us to disaster?" Joseph McCarthy "America's
Retreat from Victory"
- Previous message: Debasis Mohanty: "MS IE User's Authentication Details (userid/password) Sharing Issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
