Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Attack on badly configured Netfilter-based firewalls
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 09 Mar 2012 22:49:21 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/09/2012 04:01 PM, Eric Leblond wrote:
Hello,

On Mon, 2012-02-27 at 14:46 +0100, Eric Leblond wrote:
Hello,

On Mon, 2012-02-27 at 05:25 +0400, Solar Designer wrote:
Eugene, all -

On Mon, Feb 27, 2012 at 09:19:59AM +0800, Eugene Teo wrote:
...

e it to Eric much earlier),
Eric would post to the list e.g. in January and ask for the
issue to be kept private until March - thereby violating the
list's maximum embargo period.

The slides and videos of my CansecWest talk are available: 
http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/

 I've done a complete description of the attack and also
demonstrate the need to be careful with the use of helpers.

BR,

Are there any specific issues for which you need CVE's? (haven't had
time to view the slides yet, hopefully soon).

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPWuthAAoJEBYNRVNeJnmTIM8QAMJkVHzHjQOAGyKXuajUfwLo
EHX2pd7gosTir5Bi5MB6IJFlzDBRDPzD9Sj3m3zc+pYdory/J0yS38/iwodm4qAZ
M6i/MV0Fs6WB+WWYlgj/8wD3o+0vU2qaBkQ2Y6CUw+fh1EV+uB5eh/JiE4s2kLrc
gmhM3tc/4ebAzJT0LD8IZKqVokRvSkNSLltcW13fLVY2+kJxy4Skf2NrqBdtkwDT
5C8d4CuGyOe6iJ9fWQ3B2PCC+pf4S9Ywmef5omJv6v9hzlqxm8DQ49vjkkTToK71
VHjsPHSLcJnGjm08NlEb8Yhvh+oDWWiAYosRT9nBtGSoFou+WZGXKdQOQcMRRwd2
7Iwng4VRUqzqYqa93SQ07974SfzscF6hs1QWslUWXqHZfStp95iY6SU/shCuEyX8
PerHjlmnyayq8EuJWb9Wvv7/4a7/BEfYduKC8fRbtRnbNpgwtIk3VEo2aLRHHfeh
cVIwUEgkMHFH0jzBghVrHnkteHAH3B37YWjIt3VHc6n8BWr516s8uleoclrM1q5S
15fkrnjCbRGqjRPOnCzPzKP0g0kRqotmr8VbJpTd4i2JBMm7sZk9ip2+F+iJRw8d
f4e2n2mfRW0X4uUVUXXyCX7fMZ3H0mR52FBhOD8+I+PwwHrbgRcgTjjXp0qzcl+Y
fSFjEfrMd1BAwIHNW7Uz
=KyjP
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault