lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: cheekypeople at sec33.com (CHeeKY)
Subject: How to easily bypass a firewall...

know if the scene since hacks began Paul, if you insist on a layer 7
firewall then thats your failing, for home users minimal should be NAT
router with a layer 7 firewall, other build ya own ipcop or openbsd on a 386
or higher, that way you can bring in ids and have layers, or at least become
a checkpoint man as I am and have that at home on ipso hehehe, seriously at
the end of the day, the patches and your own common sense relating to opsys
hardening and understanding your system and what you put on it, should do
you the best.
All it comes down to is being bothered and having common sense, putting
anything on the net now, should be protected to hell, that is a absolute
must, not something you do later, most hacks from the scene or becuase
people either dont have the common sense or cant be bother, then they their
own worst enemy.




-------------------------------------------------------------------------
FIGHT BACK AGAINST SPAM!
Download Spam Inspector, the Award Winning Anti-Spam Filter
http://mail.giantcompany.com


----- Original Message ----- 
From: "Schmehl, Paul L" <pauls@...allas.edu>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, July 29, 2003 6:38 PM
Subject: RE: [Full-Disclosure] How to easily bypass a firewall...


> > -----Original Message-----
> > From: compguruman@...l.comcast.net
> > [mailto:compguruman@...l.comcast.net]
> > Sent: Tuesday, July 29, 2003 11:02 AM
> > To: full-disclosure@...ts.netsys.com
> > Subject: RE: [Full-Disclosure] How to easily bypass a firewall...
> >
> > At 03:49 PM 7/28/2003 -0500, you wrote:
> > >5. Firewall dialog box uses random numbers / letters represented by
> > >graphics that the user has to enter in a password field if
> > the password
> > >is not correct sound alarm, halt system.
> >
> > know of anything that does this?
> >
> Would it matter?  The scenario that was proposed is that there's a
> trojan on the box, and it can attempt certain methods of
> programmatically disabling the firewall.  If there's a trojan on the
> box, what does it matter?  *Anything* on the box can be disabled at that
> point.
>
> If I break in to a Linux box, for example, all I have to do, once I have
> root, is type:
> % /etc/rc.d/init.d/ipchains stop
>
> If it's a Windows box, I just kill the service:
> C:\ sc stop {firewall servicename}
>
> Or install the pstools to do it.
>
> The point is, once the box is owned, nothing else matters.
>
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ