lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: evol at ruiner.halo.nu (evol@...ner.halo.nu) Subject: Empirical data surrounding guards and firewalls. All, Evol would like to share empirical data gained today. Evol believes this make internet community much happy, and make the Mr. Peter not regulate. So what happened? Evol explains: Target: ------ -Firewall -McDonald's guard Materials: --------- -(1) Evol -(1) Shoes -(1) Shirt -(1) Computer -(1) Internet connection -(1) Firewalled host Procedure: --------- For each target, undergo the following steps: 1.) Enumerate an acceptable entrance policy. 2.) Attempt to enter while following entrance policy. Data: ----- Firewall: -------- The firewall at internet host www.mcdonalds.com accepts connections to TCP/IP port 80. Rules are similar to 'DENY ALL EXCEPT TCP PORT 80' So make connection to port 80 and note results. Results: ------- Normal transaction was accepted. See results: HTTP/1.1 400 Bad request Server: Netscape-Enterprise/4.1 Date: Thu, 02 Sep 2004 XX:XX:XX GMT Content-length: 147 Content-type: text/html Connection: close Store: ----- The store at the location closest to me was chosen as a specific target. The entrance policy is: 'IF (NOT SHOES) OR (NOT SHIRT) DENY' So, evol enters store with only shoes and a shirt. Data: ---- Evol was rejected conduction of normal buisness. No Big Mac today, get out! Then, when Evol tries to proceed anyway, cops take Evol out of McDonalds. Conclusion: ---------- People and firewalls are different. Thanks Internet Community, hope much hapiness for you. -Evol
Powered by blists - more mailing lists