Re: do firewalls really work?

From: Bit Twister (BitTwister_at_localhost.localdomain)
Date: 06/27/04


Date: Sun, 27 Jun 2004 12:10:21 GMT

On Sun, 27 Jun 2004 08:00:57 GMT, news wrote:

> Can a hacker bypass a firewall from outside easily?

Anything is easy when you know how. A CRACKER gets through the
firewall by using a service or a bug in the firewall or Operating system.

When you see the term *External Exploit* that means the attacker can get
control from the outside. All the attacker has to do is it get the
program with the external exploit to run.

> As for spyware perhaps execution detection or registry monitoring is enough?

Tell me, if some malware attaches it's self to a valid program which
is already registered, would a registry monitoring program see it?



Relevant Pages

  • RE: Is this as bad as it seems?
    ... The network being protected by the router or firewall is still vulnerable to ... > circumvented - the administrator has explicitly allowed HTTP traffic on ... this exploit has the effect of allowing the attacker to send *INBOUND* HTTP ... The HTTP server (located on the internal network or anywhere else that is ...
    (Security-Basics)
  • [NEWS] Multiple Firewalls Ruleset Bypass through FTP Revisited
    ... a new attack method affected most leading firewall ... connect to a restrictive port. ... resend control strings supplied by the attacker that a vulnerable firewall ... Connect to FTP server and log on ...
    (Securiteam)
  • [VulnWatch] vulnerabilities in fortigate firewall webinterface
    ... Several vulnerabilities in web interface of Fortigate firewall of which ... attacker to obtain a username and password of the Fortigate. ... Username and MD5 hash of password are stored in cookie. ... WEB FILTER LOG PARSES UNFILTERED SESSION DETAILS ...
    (VulnWatch)
  • [Full-Disclosure] vulnerabilities in fortigate firewall webinterface
    ... Several vulnerabilities in web interface of Fortigate firewall of which ... attacker to obtain a username and password of the Fortigate. ... Username and MD5 hash of password are stored in cookie. ... WEB FILTER LOG PARSES UNFILTERED SESSION DETAILS ...
    (Full-Disclosure)
  • Next-hop scanning for open firewall ports
    ... a router after the firewall, ... Given a target computer protected by a firewall, ... where it's beneficial to push the filtering as far ... R1 will send back ICMP expired messages, but the attacker won't ...
    (Bugtraq)