|
Penetration Testing
mailing list archives
Is ipchains -y secure enough?
From: "Philip Stoev" <philip () stoev org>
Date: Mon, 4 Jun 2001 17:57:00 +0300
Excuse me for the ignorance, but I would like to ask if the community
considers ipchains rules containing the -y flag as secure for the purpose of
TCP filtering. Such a rule will prevent the stablishment of TCP connections
to the host being firewalled. Is there a way to curcumvent such a
protection?
I am mostly interested if direct attacks (as if there is no firewall rule at
all) are possible. I know that if there is a broken proxy server or a web
interface or something else that can be used as a launch pad, such filters
may not help. However, what can an attacker do to a filtered service if no
other vulnerable or insecure service exists?
We assume that there are no UDP services running on the machine being
firewalled (as -y filters do not apply to those) and that the TCP/IP stacks
are stable enough (no DoS conditions, floods, etc.).
Yes, I know that port scanners can bypass -y filters and still map the host
being firewalled, however is there more that can be done against such a
host?
Thanks in advance.
Philip
 By Date 
By Thread
Current thread:
- Is ipchains -y secure enough? Philip Stoev (Jun 04)
|
Intro
