Penetration Testing mailing list archives
[PEN-TEST] RES: [PEN-TEST] advertising private IP numbers?
From: Leandro José Malaquias de Oliveira <Leandro () HEPTA COM BR>
Date: Fri, 22 Dec 2000 15:28:27 -0300
I´ve been testing the svcacl.cnf vulnerability. It seems that I´m actually downloading the file, but after downloading it. I can´t find it in my machine. Can anyone tell me if thats because I´m executing it remotly. Or what is actually happening. Thank you leandro -----Mensagem original----- De: Deus, Attonbitus [mailto:Thor () HAMMEROFGOD COM] Enviada em: Friday, December 22, 2000 2:17 PM Para: PEN-TEST () SECURITYFOCUS COM Assunto: Re: [PEN-TEST] advertising private IP numbers?
Well, by definition, a Proxy/Firewall has to have ip forwarding turned on, or else it would not achieve the desired effect of passing any traffic.
Insofar as MS Proxy is concerned, this is not true. IP Forwarding should be spefically turned off, or anything on the external segment will be able to route into your private network. The forwarding functionality is provided for by the proxy service itself. I have seen forwarding turned on in cache-only configurations, but it is not the correct setting when standard firewall/packet filtering configurations are used. --------------------------------- Attonbitus Deus Thor () HammerofGod Com
Current thread:
- [PEN-TEST] RES: [PEN-TEST] advertising private IP numbers? Leandro José Malaquias de Oliveira (Dec 22)