Penetration Testing mailing list archives
Re: [PEN-TEST] IP fragmentation attack
From: "Fabio Pietrosanti (naif)" <fabio () TELEMAIL IT>
Date: Wed, 18 Oct 2000 19:01:43 +0200
Hi Dario, Working with Cisco PIX Firewall, i notice that NO malicious fragment should pass this statefull firewall, also the ios's CBAC with "ip inspect fragment" every kind of attack that use fragmentation. naif On Wed, 18 Oct 2000, Dario Forte - Csi Member - wrote:
Greetings to all. My lab is doing an specific pen test against two different lan segment (Firewall and Ids Protected), with Ip Frag Attack. Does somebody can highlight some real recent news about this issue ? We already know the lance's, rfc's and DugSong paper about these argument;we would like to know more info (and opinions) about the fact that IP fragmentation works as firewalls are supposed to keep the state of a connection. Thanks in advance dario
Current thread:
- [PEN-TEST] IP fragmentation attack Dario Forte - Csi Member - (Oct 18)
- Re: [PEN-TEST] IP fragmentation attack Fabio Pietrosanti (naif) (Oct 18)
- Re: [PEN-TEST] IP fragmentation attack Tom Vandepoel (Oct 19)
- Re: [PEN-TEST] IP fragmentation attack Cold Fire (Oct 20)
- Re: [PEN-TEST] IP fragmentation attack Tom Vandepoel (Oct 20)
- Re: [PEN-TEST] IP fragmentation attack Mitchell, Edward (Oct 21)
- Re: [PEN-TEST] IP fragmentation attack Tom Vandepoel (Oct 19)
- Re: [PEN-TEST] IP fragmentation attack Fabio Pietrosanti (naif) (Oct 18)
- <Possible follow-ups>
- Re: [PEN-TEST] IP fragmentation attack Miller, William T DISC4/Sytex (Oct 18)
- Re: [PEN-TEST] IP fragmentation attack Bradley M Alexander (Oct 18)
- Re: [PEN-TEST] IP fragmentation attack Nicolas FISCHBACH (Oct 20)
- Re: [PEN-TEST] IP fragmentation attack Bradley M Alexander (Oct 18)
- Re: [PEN-TEST] IP fragmentation attack net tigr (Oct 19)