[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] fpipe - interesting security experiment

Subject: RE: [cobalt-security] fpipe - interesting security experiment
From: "Drage, Nicholas" <nickd@xxxxxxxxx>
Date: Fri, 15 Jun 2001 14:28:18 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> > Not according to the text on the webpage.  fpipe allows you 
> > to specify the *source* port of connections, and the destination port,
> > if you point packets at whichever host it's running on and at the port
> > it's listening on ( -s, -r and -l respectively ).
> 
> Ohhhh, I get it... that makes more sense... I suppose then 
> that this tool would be more useful for getting out from behind a firewall

> with restrictive access rules.

Yes.

Or inbound through stateless firewalls that allow traffic through with a
certain source port, i.e. port 53 to allow all DNS traffic through.

Or through stateful firewalls that have, for whatever reason, an inbound
hole in them.  Some PC firewalls allow all traffic with a source port for
DHCP ( 68 IIRC ) through for example - ZoneAlarm springs to mind but I could
be wrong.

Or, of course, stateful firewalls that don't keep state very well, so once
you've connected outbound they allow any traffic inbound with the right
source port.....

<snip>

-- 
Nick Drage - Security Architecture - Demon Internet - Thus PLC
As of Fri 15/06/2001 at 12:46 
This computer has been up for 1 day, 19 hours, 42 minutes, 25 seconds.

Prev by Date: RE: [cobalt-security] [RaQ3] Port Sentry
Next by Date: RE: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)
Previous by thread: Re: [cobalt-security] fpipe - interesting security experiment
Next by thread: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit (fwd)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index