Message-ID: <D44EDA72-DAAE-4BB8-B8A1-08CFCA14658C@arbor.net>
Date: Tue, 10 May 2011 15:18:45 +0000
From: "Dobbins, Roland" <rdobbins@...or.net>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Sony: No firewall and no patches

On May 10, 2011, at 4:42 PM, Pete Smith wrote:

> if an attacker initiates a connection dest port higher than 2048 (to some other server the attacker controls) and source port of 80 that will pass through an ACL without issues, this would not be so on a stateful firewall.

If the attacker's in a position to generate an outbound connection sourced from a well-known port (which presumably is supposed to have an httpd attached to it), there's nothing a stateful firewall can do to improve matters.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@...or.net> // <http://www.arbornetworks.com>

The basis of optimism is sheer terror.

  -- Oscar Wilde

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
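The filtering behaviour described in the quoted text, modelled as an added example that is not part of the original message: a port-only ACL and a flow-tracking filter evaluate the same three packets. The addresses, the rule set and the names `stateless_acl` and `StatefulFilter` are constructed for illustration and simplify real devices (no TCP flags, timeouts or sequence checks).

```python
from dataclasses import dataclass

SERVER = "192.0.2.10"  # constructed web server address (documentation range)

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    direction: str  # "in" = towards the server, "out" = leaving it

def stateless_acl(pkt):
    """Port-only rules: inbound to 80; outbound sourced from 80 to ports > 2048."""
    if pkt.direction == "in":
        return pkt.dst_ip == SERVER and pkt.dst_port == 80
    return pkt.src_ip == SERVER and pkt.src_port == 80 and pkt.dst_port > 2048

class StatefulFilter:
    """Records flows that clients open to port 80; outbound must match one."""
    def __init__(self):
        self.flows = set()

    def check(self, pkt):
        if pkt.direction == "in":
            if pkt.dst_ip == SERVER and pkt.dst_port == 80:
                self.flows.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
                return True
            return False
        # Outbound is allowed only as the reverse of a recorded inbound flow.
        return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.flows

def compare():
    """Return {name: (stateless_verdict, stateful_verdict)} for constructed packets."""
    packets = [
        ("client_syn", Packet("198.51.100.7", 51000, SERVER, 80, "in")),
        ("server_reply", Packet(SERVER, 80, "198.51.100.7", 51000, "out")),
        # Connection opened from the server, source port 80, high destination port.
        ("unsolicited_out", Packet(SERVER, 80, "203.0.113.5", 4444, "out")),
    ]
    fw = StatefulFilter()
    return {name: (stateless_acl(p), fw.check(p)) for name, p in packets}

if __name__ == "__main__":
    for name, (acl, stateful) in compare().items():
        print(f"{name:16} stateless={acl!s:5} stateful={stateful}")
```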