Firewall Wizards mailing list archives
Re: Phrack #60: "Java tears down the Firewall"
From: Gary Flynn <flynngn () jmu edu>
Date: Sun, 05 Jan 2003 10:21:25 -0500
Dragos Ruiu wrote:
Not to mention packaging a signed applet that would have no such restrictions and making it socially attractive to disregard any security warnings. Not thatOn January 3, 2003 10:02 pm, Marcus J. Ranum wrote:Mikael Olsson wrote:- The firewall automagically pokes a hole for this "data channel" - The server box is suddenly allowed to connect to this vulnerable port, through the firewall.Could the java app proxy to other ports internally? Seems like a simple exercise for the malcoder. mjr.In theory the java security model was supposed to limit this. Practice so far has fallen short of theory. :-)
anyone would ever do such a thing :) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Phrack #60: "Java tears down the Firewall", (continued)
- Re: Phrack #60: "Java tears down the Firewall" Marcus J. Ranum (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" Mikael Olsson (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" David Lang (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" Mikael Olsson (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" Árpád , Magosányi (Jan 06)
- Re: Phrack #60: "Java tears down the Firewall" Mikael Olsson (Jan 06)
- Re: Phrack #60: "Java tears down the Firewall" Magosnyi rpd (Jan 07)
- Re: Phrack #60: "Java tears down the Firewall" Mikael Olsson (Jan 07)
- Re: Phrack #60: "Java tears down the Firewall" Kevin Steves (Jan 11)
- Re: Phrack #60: "Java tears down the Firewall" Mikael Olsson (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" Marcus J. Ranum (Jan 03)
- Re: Phrack #60: "Java tears down the Firewall" Gary Flynn (Jan 05)