Playing with Network Layers to Bypass Firewalls’ Filtering Policy

The slides of my CansecWest talk can now be downloaded: Playing with Network Layers to Bypass Firewalls’ Filtering Policy.

The required counter-measures are described in the Secure use of iptables and connection tracking helpers document.

The associated video demonstrations are available:

The first video demonstrates how a forged IRC protocol command (a DCC request) can be used to open a connection to a NATed client from the Internet.

The second video demonstrates the effect of the attack on helpers on an unprotected Netfilter firewall.

The third video demonstrates the effect of the attack on helpers on a badly configured Checkpoint firewall.

More information will come in upcoming posts.

3 thoughts on “Playing with Network Layers to Bypass Firewalls’ Filtering Policy”

  1. Hi, is there any video recording (can’t find one) of your talk @CansecWest? I’ll be happy to see it if so…
    Anyway, great material!!
