Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: FireWall-1 FTP Server Vulnerability
From: dugsong () MONKEY ORG (Dug Song)
Date: Fri, 18 Feb 2000 23:27:26 -0500


On Fri, 18 Feb 2000, Mikael Olsson wrote:

The only solution that even begins to look "good" is to completely
reassemble the TCP stream and not make "educated" guesses about what
packet data belongs on what line and in which order and state of the
FTP protocol.

inspecting TCP application data within individual IP packets is a basic
layer violation. network IDSs also suffer from this problem, only worse.
fragrouter demonstrates this nicely.

reassembling the TCP stream will only get you so far - your proxy still
needs to actually implement the application protocol correctly. i'm
releasing a 'fragproxy' tool soon to demonstrate this.

but for now, an ObLameExploit:

        http://www.monkey.org/~dugsong/ftp-ozone.c.txt

-d.

---
http://www.monkey.org/~dugsong/



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault