
Re: [cobalt-security] fpipe - interesting security experiment



> Not according to the text on the webpage.  fpipe allows you to specify the
> *source* port of connections, and the destination port, if you point packets
> at whichever host it's running on and at the port it's listening on ( -s, -r
> and -l respectively ).

Ohhhh, I get it... that makes more sense... I suppose then that this tool
would be more useful for getting out from behind a firewall with restrictive
access rules.

> It doesn't allow you to connect to that port on the *remote* server you're
> trying to connect to, and then somehow jump to a different port.  ( if it
> did, your comment of "scary" is lacking the necessary 100 exclamation marks
> )

Now see that's what I was thinking!

> EITHER the IP address you're connecting from is allowed to connect through
> the firewall to the admin server anyway, so all fpipe is doing is sending
> those packets from a low source port.

As it turns out, the admin at the other end altered the config so he could
access the user admin from home... it's a good thing I found it!

Thanks,
Kevin