Playing with Network Layers to Bypass Firewalls’ Filtering Policy

 Netfilter, Sécurité  Add comments
Mar 092012
 

The slides of my CansecWest talk can now be downloaded: Playing with Network Layers to Bypass Firewalls’ Filtering Policy.

The required counter-measures are described in the Secure use of iptables and connection tracking helpers document

The associated video demonstrations are available:

First video demonstrates how to use forged IRC protocol command (DCC request) to be able to open connection to a NATed client from internet.

Second video demonstrates the effect of the attack on helpers on a non protected Netfilter Firewall.

Third video demonstrates the effect of the attack on helpers on a badly configured Checkpoint firewall.

More information will come in upcoming posts.

  3 Responses to “Playing with Network Layers to Bypass Firewalls’ Filtering Policy”

  1. Re: Attack on badly configured Netfilter-based firewalls | Net Cleaner says:
    2012/03/11 at 17:55

    [...] The slides and videos of my CansecWest talk are available: http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/ [...]

  2. Re: Attack on badly configured Netfilter-based firewalls | Net Cleaner says:
    2012/03/11 at 17:55

    [...] The slides and videos of my CansecWest talk are available: http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/ [...]

  3. ferme-to-cell says:
    2012/05/10 at 23:31

    Hi, is there any video recording (can’t find one) of your talk @CansecWest ? I’ll be happy to see it if so…
    Anyway great material !!

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>