Security Basics mailing list archives
Re: Firewall question - how easy is it to get thru - Proof
From: Robson de Oliveira Albuquerque <robsonalbuquerque () dte gov br>
Date: Wed, 16 Feb 2011 15:54:42 -0200
Hi Philippe. There are several ways of doing that. Normally these days, firewalls are based on a layer. The most common are layer 3 (ip) and layer 4 (transport). But are also firewalls in layer 2 (link) and layer 5 (application). Most of the "known" firewalls are layer 3 and 4. Statefull and/or stateless. If you have a firewall in front of your application and your application has flaws, an attack won't even consider your firewall. If you have a "insider" (infeccted machine) also it wont go through your firewall if your servers are in the same "ip lan". And a lot more options available. To bypass IPS/IDS, there are several ways of doing that. The common name are IPS/IDS evasion and a lot of tools can do that. Regards. Robson On 14/2/2011 12:53, Rivest, Philippe wrote:
Quick question. When I do an audit and when I find a major flaw or deficiency, IT always tells me "its because your in the internal LAN, we have a firewall protecting us". I know you have all heard that. So I try to explain that you could attack thru physical security, social engineering, virus and a lot of other ways and in the end I always add "Someone more "expert" in Firewall could bypass it". I don't really need a "how-to" but I'm looking for proof and a time frame on how long it normally takes for a real hacker/cracker to attack and bypass (where possible) a Firewall control (IPS/IDS also!). I know this is not a click-click your done type of job, but I know its possible. Thanks for any links or advice! Important: Please note that my new email address is privest () transforcecompany com Please note that my new website address is http://www.transforcecompany.com SVP Veuillez noter que ma nouvelle adresse courriel est privest () transforcecompany com SVP Veuillez noter que ma nouvelle adresse web est http://www.transforcecompany.com Philippe Rivest - CISA, CISSP, CEH, Network+, Server+, A+ TransForce Inc. Internal auditor - Information security Vérificateur interne - Sécurité de l'information Linkedin: http://ca.linkedin.com/pub/philippe-rivest/20/19a/232 6600 Saint-François Saint-Laurent (Quebec) H4S 1B7 Tel.: 514-331-4417 Fax: 514-856-7541 www.transforcecompany.com ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- ___________________________________ Robson de Oliveira Albuquerque Agência Brasileira de Inteligência OpenPGP KeyID 261F3D80 ___________________________________ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Vulnerability Data, (continued)
- Re: Vulnerability Data lonervamp (Feb 11)
- RE: Vulnerability Data Mikhail A. Utin (Feb 15)
- Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Francois Yang (Feb 15)
- RE: Firewall question - how easy is it to get thru - Proof Rivest, Philippe (Feb 17)
- RE: Firewall question - how easy is it to get thru - Proof Mark Brunner (Feb 18)
- Re: Firewall question - how easy is it to get thru - Proof Todd Haverkos (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Jan Muenther (Feb 15)
- Re: Firewall question - how easy is it to get thru - Proof Max Chow (Feb 17)
- Re: Firewall question - how easy is it to get thru - Proof Gichuki John Chuksjonia (Feb 18)
- Re: Vulnerability Data lonervamp (Feb 11)
- Re: Firewall question - how easy is it to get thru - Proof Robson de Oliveira Albuquerque (Feb 17)
- Re: Firewall question - how easy is it to get thru - Proof Ansgar Wiechers (Feb 17)