| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <001f01c49154$7d0386c0$fc09a8c0@PC1221> From: mnv at alumni.princeton.edu (MN Vasquez) Subject: Empirical data surrounding guards and firewalls. Hrm. I think if enough people wearing only shirts and shoes ran into mcdonald's, at least some of the would get in, and not be blocked by the rule. ----- Original Message ----- From: "James Tucker" <jftucker@...il.com> To: <evol@...ner.halo.nu> Cc: <full-disclosure@...ts.netsys.com> Sent: Thursday, September 02, 2004 3:15 PM Subject: Re: [Full-Disclosure] Empirical data surrounding guards and firewalls. > Apologies, please explain the lack of differences, I'm not getting them. > > Virtual: > "The door" - Port 80 - Closed after connection attempt. You come back, > it does the same, and then closes again. 404 Error not being > dissimilar to being told to get out. > > Real: > Cops show up - As with the firewall, it does not actively stop you > from reconnecting. McDonalds staff did not prevent you from > re-entering the premesis themselves. > > Measures in Both: > In the event of reconnection attempts the firewall logs would indicate > an attack and external policing would have to deal with the problem. > > As far as I can see it the only difference is scaling, you can make > many many millions of requests before a flood warning appears, whereas > you only need to refuse to leave a few times before the police are > called. I guess humans have less patience than computers. > > Of course I could be missing something? > > Oh yeah, I did miss something, you can't "disconnect" someone from > being present in the building, as you can with a socket on a server. > But with reconnection scaling, is that really relevant? A little, > moreso in some circumstances, but not in this one. > > Why complain about anologies when your response contains anaolgies > such as this one. > > Did you really go into McDonalds and harrass the staff today and get > taken away by the police? Please say yes, that would make my day. ROFL > :) > > > On Thu, 2 Sep 2004 14:45:56 -0500 (CDT), evol@...ner.halo.nu > <evol@...ner.halo.nu> wrote: > > Target: > > ------ > > -Firewall > > -McDonald's guard > > > > Materials: > > --------- > > -(1) Evol > > -(1) Shoes > > -(1) Shirt > > -(1) Computer > > -(1) Internet connection > > -(1) Firewalled host > > > > Procedure: > > --------- > > For each target, undergo the following steps: > > > > 1.) Enumerate an acceptable entrance policy. > > 2.) Attempt to enter while following entrance policy. > > > > Data: > > ----- > > Firewall: > > -------- > > The firewall at internet host www.mcdonalds.com accepts > > connections to TCP/IP port 80. Rules are similar to 'DENY > > ALL EXCEPT TCP PORT 80' So make connection to port 80 and > > note results. > > Results: > > ------- > > Normal transaction was accepted. See results: > > > > HTTP/1.1 400 Bad request > > Server: Netscape-Enterprise/4.1 > > Date: Thu, 02 Sep 2004 XX:XX:XX GMT > > Content-length: 147 > > Content-type: text/html > > Connection: close > > > > Store: > > ----- > > The store at the location closest to me was chosen as a > > specific target. The entrance policy is: > > 'IF (NOT SHOES) OR (NOT SHIRT) DENY' > > So, evol enters store with only shoes and a shirt. > > > > Data: > > ---- > > Evol was rejected conduction of normal buisness. No > > Big Mac today, get out! Then, when Evol tries to > > proceed anyway, cops take Evol out of McDonalds. > > > > Conclusion: > > ---------- > > People and firewalls are different. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists