Firewall Wizards mailing list archives

Re: Firewalls that generate new packets..

From: Darren Reed <Darren.Reed () Sun COM>
Date: Tue, 27 Nov 2007 19:56:19 -0800

Marcin Antkiewicz wrote:

...

Everyoen loves war stories: I do consulting sometimes, and last time it 
was for a place with IDS, IPS, 3 AV subscriptions, HTTP proxy, split 
horizon DNS, 2 (!) layers of firewalls (statefull), encrypted and 
unencrypted wireless, NAC and traffic shaper. The bad guys still got in! 
How you ask? Easy: via HTTP/s, dns, smtp (traffic on all the protocols 
was proxied, in and out).


How was each protocol (HTTP, dns, smtp) used to get in?
Exploiting bugs in applications implementing each?
or...?

Darren

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Firewalls that generate new packets.., (continued)
- - - Re: Firewalls that generate new packets.. Paul D. Robertson (Nov 28)
    - Re: Firewalls that generate new packets.. Darden, Patrick S. (Nov 29)
    - Re: Firewalls that generate new packets.. Paul D. Robertson (Nov 29)
    - Re: Firewalls that generate new packets.. Darden, Patrick S. (Nov 30)
    - Re: Firewalls that generate new packets.. AMuse (Nov 28)
    - Re: Firewalls that generate new packets.. Marcus J. Ranum (Nov 28)
    - Re: Firewalls that generate new packets.. AMuse (Nov 28)
    - Re: Firewalls that generate new packets.. Patrick M. Hausen (Nov 28)
    - Re: Firewalls that generate new packets.. Marcin Antkiewicz (Nov 27)
    - Re: Firewalls that generate new packets.. ArkanoiD (Nov 28)
    - Re: Firewalls that generate new packets.. Darren Reed (Nov 28)
    - Re: Firewalls that generate new packets.. Marcus J. Ranum (Nov 28)
    - Re: Firewalls that generate new packets.. Darden, Patrick S. (Nov 29)
    - Re: Firewalls that generate new packets.. Timothy Shea (Nov 29)
    - Re: Firewalls that generate new packets.. Darden, Patrick S. (Nov 30)
    - Re: Firewalls that generate new packets.. Marcus J. Ranum (Nov 30)
    - Re: Firewalls that generate new packets.. Paul D. Robertson (Nov 27)
    - Re: Firewalls that generate new packets.. Anton Chuvakin (Nov 27)
    - Message not available
    - Re: Firewalls that generate new packets.. Marcus J. Ranum (Nov 27)
    - Re: Firewalls that generate new packets.. Anton Chuvakin (Nov 28)
    - Re: Firewalls that generate new packets.. jason (Nov 27)

(Thread continues...)