From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
To: Jimmy Hedman <jimmy.hedman@southpole.se>
Cc: netfilter@lists.netfilter.org
Subject: Re: Completely Bypassing a Firewall?!
Date: Fri, 27 Jan 2006 15:54:57 +0100
Message-ID: <43DA3441.5090901@gmx.net>
In-Reply-To: <33402.138.106.11.116.1138351847.squirrel@intern.southpole.se>

Jimmy Hedman wrote:
>>We just heard a rumor about our rival company, that they have developed
>>a "system" that can completely bypass a properly-configured/locked-down
>>firewall (netfilter or any other).

Properly locked down = no connection to the outside possible, not even
via proxy. No ICMP, no DNS, no SMTP. Well, in that case it would be
interesting to see them break that. OTOH, such a thing makes it impossible
for anyone to surf the net or send mails.

>>Is this truly possible? with only external access and no software that's
>>already been planted inside the firewall?
>>
> 
> If you have someone at the "inside" there is no problem to create tunnels
> with for example OpenVPN that completely "bypasses" the firewall. If you
> create a tunnel with OpenVPN over https and bridge the networks together
> you could get everything through with the traffic looking just like
> ordinary https-traffic.
> But with only access from the outside it is very, very hard, if not
> impossible.

Yes, but finding a sufficiently naive user will probably be easy. I wrote
such a tool myself (but it used a few Java quirks), so if you can get
somebody inside to click on something you present him, every other defense
(except cutting the wire physically or logically) is worthless. Hey, you
could even use the WMF exploit for such a purpose.


Regards,
Carl-Daniel
-- 
http://www.hailfinger.org/

