Re: [PEN-TEST] linux iptables ftp port command -- demo tool

From: Lluis Mora (llmoraat_private)
Date: Tue Apr 17 2001 - 04:37:31 PDT

  • Next message: Oliver Petruzel: "[PEN-TEST] infrared question"

    The bug is in the connection tracking mechanism, which is a new feature in
    netfilter, so the bug is not present in ipchains (nor in other previous
    releases of Linux firewalling code, e.g. ipfwadm, ipfw, etc.).
    
    It is similar to a Firewall-1 and Cisco PIX bug found last year:
    
    	http://www.securityfocus.com/bid/979
    
    Cheers,
    
    Lluis Mora	llmoraat_private
    S21SEC
    
    -----Original Message-----
    From: Penetration Testers [mailto:PEN-TESTat_private]On Behalf
    Of Keith.Morgan
    Sent: martes, 17 de abril de 2001 4:10
    To: PEN-TESTat_private
    Subject: Re: [PEN-TEST] linux iptables ftp port command -- demo tool
    
    
    Have you tried this on an ipchains based firewall?
    
    
    Keith T. Morgan
    Chief of Information Security
    Terradon Communications
    keith.morganat_private
    304-755-8291 x142
    
    
    > -----Original Message-----
    > From:	Cristiano Lincoln Mattos [SMTP:lincolnat_private]
    > Sent:	Monday, April 16, 2001 7:43 PM
    > To:	PEN-TESTat_private
    > Subject:	[PEN-TEST] linux iptables ftp port command -- demo tool
    >
    > Hi,
    >
    > 	The advisory on this should be going on Bugtraq, for
    > whoever is interested -- this is a little tool that i wrote
    > for it, since this is pen-test :) Curious thing is I actually
    > discovered this in a pen-test.
    >
    > Cristiano Lincoln Mattos, CISSP, SSCP
    > CESAR - Centro de Estudos e Sistemas Avançados do Recife
    >
    >
    > #!/usr/bin/perl
    > #
    > # nf-drill.pl --- "Drill" holes open in Linux iptables connection table
    > # Author: Cristiano Lincoln Mattos <lincolnat_private>, 2001
    	<snip>
    



    This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 14:11:28 PDT