Techniques used for bypassing firewall systems
presented by Adam Gowdiak
9th TF-CSIRT Meeting, 29-30th May 2003, Warsaw
Copyright @ 2003 Poznan Supercomputing and Networking Center, Poland
Copyright @ 2003 Poznan Supercomputing and Networking Center, POL34-CERT
About POL34-CERT
Who we are?
- POL34-CERT is part of Poznan Supercomputing and Networking Center, the operator of the Polish Scientific Broadband Network POL34/155
- It was established in 2000 to provide an effective incident response service to members and users of the POL34/155 network
- The primary goal was to provide active incident handling with high-quality technical support, which can be guaranteed by the seven years of experience acquired by the Security Team of PSNC
About POL34-CERT
Mission statement
- Adequate technical support while handling security incidents and recovering from their consequences
- Complex co-ordination of all responses to an incident, with special emphasis on exchanging information between the various interested parties
- Valuable educational materials aimed at increasing the awareness of security as well as improving the overall knowledge of security techniques among the members of the constituency
About POL34-CERT
Constituency
The declared constituency of POL34-CERT contains all those systems connected to the POL34/155 network, i.e. networks of most academic and scientific institutions in Poland
PSNC Security Team
Our experience
- Security administration of the POL34/155 network infrastructure and PSNC’s supercomputing resources
- Performing real-life, large-scale penetration tests for third parties (both commercial and educational ones)
- Participation as security consultants in research projects funded by the Polish Academy of Sciences and the EC
- Extensive knowledge of attack methodologies and techniques
- Continuous security vulnerability research
Introduction
Presentation motivations
- Practical security is based on knowledge about both protection and threats
- If one wants to attack a computer system, he needs knowledge about its protection mechanisms and their possible limitations
- If one wants to defend his system, he should be aware of attack techniques, their real capabilities and their possible impact
Introduction
Presentation thesis
- The difficulty of securing a given network infrastructure grows with its size and complexity
- Securing a network infrastructure is a continuous process that should begin in the design phase
- Security is not a product (Bruce Schneier)
- Firewalls are not the end-all, be-all solution to information security
- You can never feel 100% secure...
Firewall systems
Introduction
- They became particularly popular around 1996, the time when some new attack techniques emerged (buffer overflows, remote exploits)
- Their primary goal was to provide traffic control and monitoring
- They enforce the security policy represented by a set of rules specifying what is explicitly permitted/denied
- They usually interconnect two or more logical networks, a public one and a private one
Firewall systems
Evolution
[Figure: three firewall deployment diagrams. Labels: (1) corporate network, Internet, FIREWALL; (2) corporate network, Internet, Bastion, Internal router, External router; (3) corporate network, Internet, Bastion, demilitarised zone (DMZ), FIREWALL, FIREWALL]
Firewall systems
Types and operation
[Figure: OSI layer stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical) for two hosts and the firewall between them. Panels: Packet level filtering; Application level filtering (Telnet, Ftp, Http)]
Firewall systems
State of the art
- They run as part of the OS kernel (KLM)
- They use some advanced algorithms for stateful traffic analysis (Adaptive Security Analysis, Stateful Inspection)
- They can hide information about the internal logic of the protected network from the outside (NAT, PAT, DNS Proxy)
- They can authenticate users with different authentication methods (SecurID, RADIUS, AXENT, TACACS, Vasco, S/Key)
- They can do some limited content filtering (Java, ActiveX)
Firewall systems
State of the art (2)
- They can be extended by 3rd party products (OSPF)
- They can transparently proxy some common application services (FTP, telnet)
- They provide support for:
  • SNMP (Simple Network Management Protocol),
  • LDAP (Lightweight Directory Access Protocol),
  • ODBC (integration with relational databases),
  • X.509 (certificates exchange)
- They also include support for implementing VPN (DES, RC-4, MD5, SHA-1, SKIP, IPSec, IKE)
Firewall systems
State of the art (3)
They are able to analyze most of the common:
- application protocols: dns, echo, finger, ftp, irc, NetBeui, ras, rexec, rlogin, rsh, smb, snmp, syslog, telnet, tftp, time, uucp, X11, smtp, pop2, pop3, Microsoft Exchange, gopher, http, nntp, wais, egp, ggp, grp, ospf, rip
- multimedia protocols: Cooltalk, Partners, CU-SeeMe, FreeTel, H.323, Internet Phone, NetMeeting, NetShow, RealAudio/Video, StreamWorks, Vosaic, Web Theater
- database protocols: Lotus Notes, MS SQL Server, SQLNet* by Oracle, SQL Server by Sybase
Firewall systems
The risks
- They are a pretty complex piece of software!!! (the Linux KLM binary of Checkpoint FW 1 NW is 1.2 MB long)
- Commercial firewall systems are closed software, which means that no one has really put them under the glass in a search for security problems...
- Over the last couple of years there have been just several bugs found in them...
- Do you still believe they are bug free?
Firewall systems
The risks (2)
- They just filter traffic coming from/to your network
- They can handle dozens of application protocols, but unfortunately cannot protect you against malicious content
- The security level of a network protected by a firewall system depends on many factors (DNS, routing infrastructure, security of client software...)
- There is always a great risk associated with so-called "human error"
Introduction to attack techniques
The usual firewall deployment model
[Figure: network diagram. Labels: INTERNET, Demilitarised zone (DMZ), WWW, Communication server, Corporate network, Intranet server, Database server]
Introduction to attack techniques
The rules people usually forget about
- "The weakest point" rule - your network is as secure as its weakest point
- "The defense in depth" rule - the security of your network should not rely on the efficacy of one single security mechanism
- "Choke points" rule - any security mechanism is completely useless if there exists a way to bypass it
Introduction to attack techniques
The myths people usually believe
- I am not going to be the target of a hack attack
- Even if so, attackers are not skilled enough to get into my network (NEVER, but NEVER UNDERESTIMATE YOUR OPPONENT)
- My 10k$ firewall system is unbeatable, I have put it at my front door and I am sure that it provides me with a high level of security
If you believe any of the above, sooner or later YOU WILL BE LOST!
Firewall attack techniques
Attacker's goals
To be able to communicate with/access services of systems located in a corporate network.
To run code of the attacker's choice on some workstation/server located inside the attacked corporate network.
Firewall attack techniques
Attacker's goals (2)
[Figure: network diagram. Labels: INTERNET, Attacker, Demilitarised zone (DMZ), WWW, Communication server, Corporate network, Intranet server, Database server, Attacker's code. Caption: Backward connection to attacker's host through HTTP (port 80)]
Firewall attack techniques
The past
- Packet fragmentation
- Source porting (can still be used occasionally)
- Source routing
- Vulnerabilities in TCP/IP stack
- FTP PASV related application proxy vulnerabilities (dynamic rules were created without properly assuring that the PASV response string was part of a legitimate FTP connection)
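The check whose absence the last bullet describes, as an added example (not from the original slides): a control-channel tracker that opens a data-channel pinhole only for a 227 reply that is a complete reply line, answers a pending PASV and names the server's own address. The class name, addresses and replayed segments are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# A final reply line "227 <text> (h1,h2,h3,h4,p1,p2)", anchored at line start.
PASV_REPLY = re.compile(
    rb"^227 [^()]*\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


@dataclass
class FtpControlSession:
    """State kept for one tracked FTP control connection (hypothetical helper).

    Assumes the client does not pipeline commands: the first final reply
    after PASV is treated as its answer.
    """
    client_ip: str
    server_ip: str
    pasv_pending: bool = False      # client sent PASV and no answer seen yet
    multiline_code: bytes = b""     # code of a multi-line reply in progress
    buffers: dict = field(default_factory=lambda: {"c2s": b"", "s2c": b""})
    pinholes: list = field(default_factory=list)   # (client, server, port)
    rejected: list = field(default_factory=list)   # (reason, reply line)

    def feed(self, direction, data):
        """Append raw segment bytes; act only on complete CRLF-terminated lines."""
        *lines, self.buffers[direction] = (
            self.buffers[direction] + data).split(b"\r\n")
        for line in lines:
            if direction == "c2s":
                self._command(line)
            else:
                self._reply(line)

    def _command(self, line):
        if line.strip().upper() == b"PASV":
            self.pasv_pending = True

    def _reply(self, line):
        if self.multiline_code:
            if not line.startswith(self.multiline_code + b" "):
                return                      # body of a multi-line reply
            self.multiline_code = b""       # closing line: handle as final reply
        elif re.match(rb"\d{3}-", line):
            self.multiline_code = line[:3]  # "NNN-" opens a multi-line reply
            return
        elif not re.match(rb"\d{3} ", line):
            return                          # not a reply line at all
        solicited, self.pasv_pending = self.pasv_pending, False
        match = PASV_REPLY.match(line)
        if not match:
            return
        nums = [int(g) for g in match.groups()]
        ip = ".".join(str(n) for n in nums[:4])
        port = nums[4] * 256 + nums[5]
        if not solicited:
            self.rejected.append(("227 without a pending PASV", line))
        elif max(nums) > 255:
            self.rejected.append(("octet out of range", line))
        elif ip != self.server_ip:
            self.rejected.append(
                ("address differs from control-connection server", line))
        elif port < 1024:
            self.rejected.append(("privileged data port", line))
        else:
            self.pinholes.append((self.client_ip, self.server_ip, port))


def run_constructed_capture():
    """Replay constructed control-channel segments; return (pinholes, reasons)."""
    s = FtpControlSession(client_ip="10.0.0.5", server_ip="192.0.2.10")
    segments = [
        ("s2c", b"220 ftp ready\r\n"),
        ("s2c", b"227 Entering Passive Mode (192,0,2,10,19,136)\r\n"),  # no PASV sent
        ("c2s", b"PASV\r\n"),
        ("s2c", b"227 Entering Passive Mode (192,0,2,77,19,137)\r\n"),  # other host
        ("c2s", b"NOOP\r\n"),
        ("s2c", b"200 text mentioning "),                               # one reply line
        ("s2c", b"227 Entering Passive Mode (192,0,2,10,19,138)\r\n"),  # in two segments
        ("c2s", b"PASV\r\n"),
        ("s2c", b"227 Entering Passive Mode (192,0,2,10,19,137)\r\n"),  # legitimate
    ]
    for direction, data in segments:
        s.feed(direction, data)
    return s.pinholes, [reason for reason, _ in s.rejected]


if __name__ == "__main__":
    print(run_constructed_capture())
```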
Firewall attack techniques
The present
- Attacks through external systems
  The goal: to use some trust relationship between the internal network’s systems and systems from the outside in order to get access to the internal network.
- Attacks through content (passive attacks)
  The goal: to provide the user with content that, when dealt with (opened), will execute attacker-provided code
- Man in the middle attacks
  The goal: to inject content into user traffic in such a way that an attack through content occurs
Firewall attack techniques
Attacks through external systems
Getting in through trusted external systems can be accomplished by first compromising the machines from which access to the internal network is permitted.
This might include:
- home machines of the company's workers
- the network of the 3rd party that does remote administration/outsourcing for the attacked company
- the network of the company’s office in some other location/country
Firewall attack techniques
Attacks through external systems (2)
Getting in through non-trusted external systems can be accomplished in several ways:
- through the exploitation of a vulnerability in client software (SecureCRT, ftp, ...)
- by obtaining user credentials/other sensitive data through X screen grabbing
- through a combination of the above, Netscape/Mozilla remote control capabilities and a JVM vulnerability
Firewall attack techniques
Attacks through external systems (case study)
[Figure, repeated on each slide of the case study: network diagram. Labels: INTERNET, compromised system, Demilitarised zone (DMZ), WWW, Communication server, Corporate network, Intranet server, Database server; the last slide adds Attacker and Attacker's code]
1. User works (SSH session, Xforward) with some external system
2. Attacker steals user’s X-MIT-MAGIC-COOKIE
3. Attacker connects to user’s XDisplay
4. Attacker finds WindowID of the running Netscape 4.x/Mozilla process on user’s system
5. Attacker issues openURL() command to the found window
6. User’s web browser connects with the attacker’s WWW server
7. Attacker inserts malicious payload into the requested web page (Java applet)
8. Attacker’s code gets executed on the user’s machine
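A mitigation check for the case study above, as an added example (not from the original slides): it resolves the effective `ForwardX11` and `ForwardX11Trusted` client settings per host with OpenSSH's first-value-wins rule and reports external hosts to which the X display is forwarded. The host names, the internal suffix and the sample configuration are constructed; `Match` blocks and `Include` are not evaluated.

```python
import fnmatch
import re

# Upstream OpenSSH client defaults; some distributions ship different ones.
DEFAULTS = {"forwardx11": "no", "forwardx11trusted": "no"}

# Constructed sample configuration, not taken from any real system.
SAMPLE_CONFIG = """\
# per-host settings
Host *.corp.example
    ForwardX11 yes
    ForwardX11Trusted yes

Host shell.partner.example
    ForwardX11Trusted = yes

Host build.vendor.example
    ForwardX11 no

Host *
    ForwardX11 yes
"""


def parse_ssh_config(text):
    """Return [(host_patterns, options)] in file order.

    Options before the first Host line apply to every host. Match blocks are
    recorded with patterns=None and never applied.
    """
    blocks = [(["*"], {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"')
        if key == "host":
            blocks.append((value.lower().split(), {}))
        elif key == "match":
            blocks.append((None, {}))
        else:
            # Within one block the first occurrence of a keyword wins.
            blocks[-1][1].setdefault(key, value.lower())
    return blocks


def host_matches(patterns, host):
    """Host-line matching: a negated pattern ('!pat') that matches vetoes the block."""
    if patterns is None:
        return False
    negated = [p[1:] for p in patterns if p.startswith("!")]
    positive = [p for p in patterns if not p.startswith("!")]
    if any(fnmatch.fnmatchcase(host, p) for p in negated):
        return False
    return any(fnmatch.fnmatchcase(host, p) for p in positive)


def effective_x11(blocks, host):
    """First obtained value wins across blocks, as in ssh_config."""
    result = {}
    for patterns, options in blocks:
        if host_matches(patterns, host):
            for key in DEFAULTS:
                if key in options and key not in result:
                    result[key] = options[key]
    return {**DEFAULTS, **result}


def audit(config_text, hosts, internal_suffixes):
    """Return [(host, severity)] for external hosts that receive the X display.

    'high'   = forwarding with ForwardX11Trusted yes (full access to the display)
    'medium' = forwarding as an untrusted X client
    """
    blocks = parse_ssh_config(config_text)
    findings = []
    for host in hosts:
        settings = effective_x11(blocks, host.lower())
        if settings["forwardx11"] != "yes":
            continue
        if host.lower().endswith(tuple(internal_suffixes)):
            continue
        trusted = settings["forwardx11trusted"] == "yes"
        findings.append((host, "high" if trusted else "medium"))
    return findings


def run_constructed_audit():
    hosts = ["dev1.corp.example", "shell.partner.example",
             "build.vendor.example", "mirror.other.example"]
    return audit(SAMPLE_CONFIG, hosts, internal_suffixes=[".corp.example"])


if __name__ == "__main__":
    for host, severity in run_constructed_audit():
        print(severity, host)
```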
Firewall attack techniques
Attacks through content
Sending mail to the victim user containing:
- an executable file
- Microsoft Office document exploiting the macro bypass vulnerability
- HTML mail body exploiting a flaw in Internet Explorer/Outlook Express or Netscape leading to code execution
DEMONSTRATION
Firewall attack techniques
File formats vulnerable to the “infection”
There are many file formats used for holding text, graphics or multimedia data that can be used as a carrier of malicious content.
- EXE, COM, BAT, PS, PDF
- CDR (Corel Draw)
- DVB, DWG (AutoCad)
- SMM (AMI Pro)
- DOC, DOT, CNV, ASD (MS Word)
- XLS, XLB, XLT (MS Excel)
- ADP, MDA, MDB, MDE, MDN, MDZ (MS Access)
- VSD (Visio)
- MPP, MPT (MS Project)
- PPT, PPS, POT (MS PowerPoint)
- MSG, OTM (MS Outlook)
- WPD, WPT (WordPerfect)
Firewall attack techniques
Attacks through content (2)
- software installation files (RealPlayer, Winamp, web browsers, ...)
- software for mobile phones
- screen savers
- "funny" content in an executable form
Hacking some highly popular WWW/FTP server and putting a trojan horse file on it
Backdooring source code of some very popular and critical Internet service (apache, bind, sendmail, ...)
Firewall attack techniques
Man in the middle attacks
You cannot look at the security of your network only from the LAN/firewall perspective
There are also many other things you should take into account because they may influence the security of your network:
- DNS service
- routing/security of routes
Firewall attack techniques
Man in the middle attacks (case study)
[Figure, repeated on each slide of the case study: network diagram. Labels: INTERNET, Attacker, yahoo, Demilitarised zone (DMZ), WWW, DNS Server, Corporate network, Intranet server, Database server; the last slide adds Attacker's code]
1. Attacker owns corporate DNS server or can spoof DNS replies to it
2. User enters www.yahoo.com address in his web browser
3. Web browser requests the name of www.yahoo.com from the corporate DNS server
4. The reply he gets points to the attacker’s machine
5. User’s web browser connects with the attacker’s WWW server
6. Attacker connects with the real host. It tunnels user’s HTTP traffic to www.yahoo.com
7. Attacker inserts malicious payload into the requested web page (Java applet)
8. Attacker’s code gets executed on the user’s machine
Firewall attack techniques
DNS attacks are still the real threat
DNS can be quite successfully manipulated through the use of DNS spoofing ("birthday attack" in particular)
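Why the birthday variant is singled out, as an added example (not from the original slides): when a resolver has several queries for the same name outstanding at once, a forged reply only has to match any one of their 16-bit transaction IDs. The block computes that match probability and flags names that receive many non-matching replies in a resolver event stream; the event format, the names and the threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

ID_SPACE = 2 ** 16   # DNS transaction IDs are 16 bits


def match_probability(outstanding, forged, id_space=ID_SPACE):
    """P(at least one of `forged` uniformly random IDs equals one of
    `outstanding` distinct IDs awaiting an answer to the same question).

    A larger id_space models extra entropy such as randomised source ports.
    """
    if outstanding <= 0 or forged <= 0:
        return 0.0
    per_reply = min(outstanding, id_space) / id_space
    return 1.0 - (1.0 - per_reply) ** forged


def analyse(events, mismatch_threshold=20):
    """Flag names that attract many replies with no matching outstanding ID.

    events: iterable of (kind, qname, txid), where kind 'q' is a query the
    resolver sent upstream and 'r' is a reply it received (assumed format).
    Returns {qname: report} for names at or above the threshold.
    """
    outstanding = defaultdict(set)   # qname -> IDs still awaiting an answer
    peak = defaultdict(int)          # qname -> most IDs outstanding at once
    mismatched = defaultdict(int)    # qname -> replies matching no ID
    for kind, qname, txid in events:
        name = qname.lower().rstrip(".")
        if kind == "q":
            outstanding[name].add(txid)
            peak[name] = max(peak[name], len(outstanding[name]))
        elif kind == "r":
            if txid in outstanding[name]:
                outstanding[name].discard(txid)
            else:
                mismatched[name] += 1
    report = {}
    for name, count in mismatched.items():
        if count >= mismatch_threshold:
            report[name] = {
                "peak_outstanding": peak[name],
                "mismatched_replies": count,
                # Chance that replies like the observed ones hit an open ID.
                "match_probability": match_probability(peak[name], count),
            }
    return report


def constructed_events():
    """Constructed resolver-side event stream, not real traffic."""
    events = [("q", "ok.example.test", 7), ("r", "ok.example.test", 7)]
    ids = [(1000 + 37 * i) % ID_SPACE for i in range(50)]
    events += [("q", "www.example.test", i) for i in ids]          # 50 open queries
    events += [("r", "WWW.example.test.", 40000 + i) for i in range(60)]
    events += [("r", "www.example.test", ids[0])]                  # genuine answer
    return events


if __name__ == "__main__":
    # One open query versus many open queries, same number of forged replies.
    print(round(match_probability(1, 700), 4), round(match_probability(700, 700), 4))
    # Same burst against a resolver that also randomises source ports
    # (60000 usable ports is an assumed figure).
    print(match_probability(700, 700, id_space=ID_SPACE * 60000))
    print(analyse(constructed_events()))
```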
Firewall attack techniques
DNS attacks are still the real threat (2)
Although CERT® Advisory CA-2002-31 (Multiple Vulnerabilities in BIND) was issued in November 2002, there are still many BIND servers that are vulnerable to the "cached SIG record" buffer overflow attack
As of February 2003, more than 40% of them were vulnerable...
Why? Is this the case because no official exploit code was published for this issue?
THE CODE FOR THIS ISSUE EXISTS
Firewall attack techniques
Short digression
Which Web Browser is in your opinion the most secure?
Which one do you use:
- Internet Explorer
- Netscape
- Mozilla
- Opera
- any other?
Firewall attack techniques
Short digression (2)
This page contained information about a not-yet-disclosed security vulnerability.
The vendor was provided with technical details of the bug on June 2nd 2003.
DEMONSTRATION
Firewall attack techniques
Final words
- Attacker needs to find only one weakness in your security infrastructure
- You are required to have none of them/all of them patched
- Your security depends on the security of many, many components...
- Skilled, motivated attackers are the real threat and they are really out there...
Finally
The End
Thank you for your attention!
adam.gowdiak@man.poznan.pl
Poznan Supercomputing and Networking Center
http://www.man.poznan.pl
CERT-POL34
http://cert.pol34.pl

Kumar
 
Introductionto xslt
Introductionto xsltIntroductionto xslt
Introductionto xslt
Kumar
 
Extracting data from xml
Extracting data from xmlExtracting data from xml
Extracting data from xml
Kumar
 
Xml basics
Xml basicsXml basics
Xml basics
Kumar
 
XML Schema
XML SchemaXML Schema
XML Schema
Kumar
 
Publishing xml
Publishing xmlPublishing xml
Publishing xml
Kumar
 
DTD
DTDDTD
DTD
Kumar
 
Applying xml
Applying xmlApplying xml
Applying xml
Kumar
 
Introduction to XML
Introduction to XMLIntroduction to XML
Introduction to XML
Kumar
 
How to deploy a j2ee application
How to deploy a j2ee applicationHow to deploy a j2ee application
How to deploy a j2ee application
Kumar
 
JNDI, JMS, JPA, XML
JNDI, JMS, JPA, XMLJNDI, JMS, JPA, XML
JNDI, JMS, JPA, XML
Kumar
 
EJB Fundmentals
EJB FundmentalsEJB Fundmentals
EJB Fundmentals
Kumar
 
JSP and struts programming
JSP and struts programmingJSP and struts programming
JSP and struts programming
Kumar
 
java servlet and servlet programming
java servlet and servlet programmingjava servlet and servlet programming
java servlet and servlet programming
Kumar
 
Introduction to JDBC and JDBC Drivers
Introduction to JDBC and JDBC DriversIntroduction to JDBC and JDBC Drivers
Introduction to JDBC and JDBC Drivers
Kumar
 
Introduction to J2EE
Introduction to J2EEIntroduction to J2EE
Introduction to J2EE
Kumar
 

More from Kumar (20)

Graphics devices
Graphics devicesGraphics devices
Graphics devices
 
Fill area algorithms
Fill area algorithmsFill area algorithms
Fill area algorithms
 
region-filling
region-fillingregion-filling
region-filling
 
Bresenham derivation
Bresenham derivationBresenham derivation
Bresenham derivation
 
Bresenham circles and polygons derication
Bresenham circles and polygons dericationBresenham circles and polygons derication
Bresenham circles and polygons derication
 
Introductionto xslt
Introductionto xsltIntroductionto xslt
Introductionto xslt
 
Extracting data from xml
Extracting data from xmlExtracting data from xml
Extracting data from xml
 
Xml basics
Xml basicsXml basics
Xml basics
 
XML Schema
XML SchemaXML Schema
XML Schema
 
Publishing xml
Publishing xmlPublishing xml
Publishing xml
 
DTD
DTDDTD
DTD
 
Applying xml
Applying xmlApplying xml
Applying xml
 
Introduction to XML
Introduction to XMLIntroduction to XML
Introduction to XML
 
How to deploy a j2ee application
How to deploy a j2ee applicationHow to deploy a j2ee application
How to deploy a j2ee application
 
JNDI, JMS, JPA, XML
JNDI, JMS, JPA, XMLJNDI, JMS, JPA, XML
JNDI, JMS, JPA, XML
 
EJB Fundmentals
EJB FundmentalsEJB Fundmentals
EJB Fundmentals
 
JSP and struts programming
JSP and struts programmingJSP and struts programming
JSP and struts programming
 
java servlet and servlet programming
java servlet and servlet programmingjava servlet and servlet programming
java servlet and servlet programming
 
Introduction to JDBC and JDBC Drivers
Introduction to JDBC and JDBC DriversIntroduction to JDBC and JDBC Drivers
Introduction to JDBC and JDBC Drivers
 
Introduction to J2EE
Introduction to J2EEIntroduction to J2EE
Introduction to J2EE
 

Recently uploaded

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness  Posters-Social Engineering part 3FREE A4 Cyber Security Awareness  Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
Data Hops
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
maazsz111
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
LucaBarbaro3
 

Recently uploaded (20)

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness  Posters-Social Engineering part 3FREE A4 Cyber Security Awareness  Posters-Social Engineering part 3
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 

Bypassing firewalls

  • 1. Techniques used for bypassing firewall systems, presented by Adam Gowdiak. 9th TF-CSIRT Meeting, 29-30th May 2003, Warsaw. Copyright @ 2003 Poznan Supercomputing and Networking Center, Poland
  • 2. About POL34-CERT: Who we are?
      - POL34-CERT is part of Poznan Supercomputing and Networking Center, the operator of the Polish Scientific Broadband Network POL34/155
      - It has been established in 2000 to provide effective incident response service to members and users of the POL34/155 network
      - The primary goal was to provide active incident handling with high quality technical support which can be guaranteed by seven years of experience acquired by the Security Team of PSNC
      Copyright @ 2003 Poznan Supercomputing and Networking Center, POL34-CERT
  • 3. About POL34-CERT: Mission statement
      - An adequate technical support while handling security incidents and recovering from their consequences
      - Complex co-ordination of all responses to an incident with special emphasis on exchanging information between various interested parties
      - Valuable educational materials aimed at increasing the awareness of security as well as improving the overall knowledge of security techniques among the members of the constituency
  • 4. About POL34-CERT: Constituency. The declared constituency of POL34-CERT contains all those systems connected to the POL34/155 network, i.e. networks of most academic and scientific institutions in Poland
  • 5. PSNC Security Team: Our experience
      - Security administration of the POL34/155 network infrastructure and PSNC’s supercomputing resources
      - Performing real-life, large scale penetration tests for third parties (both commercial and educational ones)
      - Participation as security consultants in research projects funded by Polish Academy of Sciences and EC
      - Extensive knowledge of attack methodologies and techniques
      - Continuous security vulnerability research
  • 6. Introduction: Presentation motivations
      - Practical security is based both on knowledge about protection as well as about threats
      - If one wants to attack a computer system, he needs knowledge about its protection mechanisms and their possible limitations
      - If one wants to defend his system, he should be aware of attack techniques, their real capabilities and their possible impact
  • 7. Introduction: Presentation thesis
      - The difficulty of securing a given network infrastructure goes along with its size and complexity
      - Securing a network infrastructure is a continuous process, that should have its beginning in the design phase
      - Security is not a product, (Bruce Schneier)
      - Firewalls are not the end-all, be-all solution to information security
      - You can never feel 100% secure...
  • 8. Firewall systems: Introduction
      - They got particularly popular around 1996 - the time where some new attack techniques emerged (buffer overflows, remote exploits)
      - Their primary goal was to provide traffic control and monitoring
      - They enforce the security policy represented by a set of rules, specifying what is explicitly permitted/denied
      - They usually interconnect two or more logical networks - public and a private ones
  • 9. Firewall systems: Evolution
      [Diagram, three layouts: (1) corporate network, FIREWALL, Internet; (2) corporate network, internal router, bastion, external router, Internet; (3) corporate network, FIREWALL, demilitarised zone (DMZ) with bastion, FIREWALL, Internet]
  • 10. Firewall systems: Types and operation
      [Diagram: two OSI layer stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical) joined through a firewall; one panel labelled "Packet level filtering", the other "Application level filtering" (Telnet, Ftp, Http)]
  • 11. Firewall systems: State of the art
      - They run as part of the OS kernel (KLM)
      - They use some advanced algorithms for stateful traffic analysis (Adaptive Security Analysis, Stateful Inspection)
      - They can hide information from the outside about the internal logic of the protected network (NAT, PAT, DNS Proxy)
      - They can authenticate users with the use of different authentication methods (SecurID, RADIUS, AXENT, TACACS, Vasco, S/Key)
      - They can do some limited content filtering (Java, ActiveX)
  • 12. Firewall systems: State of the art (2)
      - They can be extended by 3rd party products (OSPF)
      - They can transparently proxy some common application services (FTP, telnet)
      - They provide support for: SNMP (Simple Network Management Protocol), LDAP (Lightweight Directory Access Protocol), ODBC (integration with relational databases), X.509 (certificates exchange)
      - They also include support for implementing VPN (DES, RC-4, MD5, SHA-1, SKIP, IPSec, IKE)
  • 13. Firewall systems: State of the art (3). They are able to analyze most of the common:
      - application protocols: dns, echo, finger, ftp, irc, NetBeui, ras, rexec, rlogin, rsh, smb, snmp, syslog, telnet, tftp, time, uucp, X11, smtp, pop2, pop3, Microsoft Exchange, gopher, http, nntp, wais, egp, ggp, grp, ospf, rip
      - multimedia protocols: Cooltalk, Partners, CU-SeeMe, FreeTel, H.323, Internet Phone, NetMeeting, NetShow, RealAudio/Video, StreamWorks, Vosaic, Web Theater
      - database protocols: Cooltalk, Partners, CU-SeeMe, FreeTel, H.323, Internet Phone, NetMeeting, Lotus Notes, MS SQL Server, SQLNet* by Oracle, SQL Server by Sybase
  • 14. Firewall systems: The risks
      - They are a pretty complex piece of software!!! (the Linux KLM binary of Checkpoint FW 1 NW is 1.2 MB long)
      - Commercial firewall systems are closed software, which means that no one has really put them under the glass in a search for security problems...
      - Over the last couple of years there have been just several bugs found in them...
      - Do you still believe they are bug free ??
  • 15. Firewall systems: The risks (2)
      - They just filter traffic coming from/to your network
      - They can handle dozens of application protocols, but unfortunately cannot protect you against malicious content
      - Security level of a network protected by a firewall system depends on many factors (DNS, routing infrastructure, security of client software...)
      - There is always a great risk associated with the so called „human error”
  • 16. Introduction to attack techniques: The usual firewall deployment model
      [Diagram: INTERNET; demilitarised zone (DMZ) with WWW and communication server; corporate network with intranet server and database server]
  • 17. Introduction to attack techniques: The rules people usually forget about
      - „The weakest point” rule - your network is as secure as its weakest point
      - „The defense in depth” rule - the security of your network should not rely on the efficacy of one given security mechanism
      - „Choke points” rule - any security mechanism is completely useless if there exists a way to bypass it
  • 18. Introduction to attack techniques: The myths people usually believe
      - I am not going to be the target of a hack attack
      - Even if so, attackers are not skilled enough to get into my network (NEVER, but NEVER UNDERESTIMATE YOUR OPPONENT)
      - My 10k$ worth firewall system is unbeatable, I have put it at my front door and I am sure that it provides me with a high level of security
      If you believe any of the above, sooner or later YOU WILL BE LOST!
  • 19. Firewall attack techniques: Attackers' goals
      - To be able to communicate with/access services of systems located in a corporate network.
      - To run code of the attacker's choice at some workstation/server located inside the attacked corporate network.
  • 20. Firewall attack techniques: Attackers' goals (2)
      [Diagram: INTERNET with attacker; demilitarised zone (DMZ) with WWW and communication server; corporate network with intranet server, database server and the attacker's code] Backward connection to the attacker's host through HTTP (port 80)
  • 21. Firewall attack techniques: The past
      - Packet fragmentation
      - Source porting (can be still used occasionally)
      - Source routing
      - Vulnerabilities in TCP/IP stack
      - FTP PASV related application proxy vulnerabilities (dynamic rules were created without properly assuring that the PASV response string was part of a legitimate FTP connection)
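The FTP PASV check that slide 21 says was missing, as an added example that is not part of the original presentation: a per-segment match on "227" is set beside a tracker that reassembles reply lines and opens a dynamic rule only for a 227 that answers an outstanding PASV and names the FTP server itself. The class and function names, the port floor of 1024 and all addresses and payloads are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# RFC 959 reply to PASV: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_227 = re.compile(
    rb"227 [^\r\n]*\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
MAX_LINE = 2048  # longest control-channel line we are willing to buffer


def naive_per_packet(payload):
    """Flawed approach: trust any segment whose payload starts like a 227 reply."""
    m = PASV_227.match(payload)
    return int(m.group(5)) * 256 + int(m.group(6)) if m else None


@dataclass
class FtpControlTracker:
    """Tracks one FTP control connection and decides when a data-port rule may open."""
    client_ip: str
    server_ip: str
    pasv_pending: bool = False   # client sent PASV and no final reply seen yet
    desynced: bool = False       # stream no longer parses as FTP: fail closed
    _c2s: bytearray = field(default_factory=bytearray)
    _s2c: bytearray = field(default_factory=bytearray)
    _multiline: bytes = b""      # code of the multi-line reply in progress, if any

    def _take_lines(self, buf, data):
        # Reassemble CRLF-terminated lines; segment boundaries carry no meaning.
        buf += data
        lines = []
        while (end := buf.find(b"\r\n")) >= 0:
            lines.append(bytes(buf[:end]))
            del buf[:end + 2]
        if len(buf) > MAX_LINE:
            self.desynced = True
            buf.clear()
        return lines

    def from_client(self, data):
        for line in self._take_lines(self._c2s, data):
            if line.strip().upper() == b"PASV":
                self.pasv_pending = True

    def from_server(self, data):
        """Feed server-to-client bytes; return the dynamic rules that may be opened."""
        rules = []
        for line in self._take_lines(self._s2c, data):
            if self._multiline:
                # Inside "NNN-" ... "NNN " block: only the closing line counts.
                if not line.startswith(self._multiline + b" "):
                    continue
                self._multiline = b""
            elif re.match(rb"\d{3}-", line):
                self._multiline = line[:3]
                continue
            elif not re.match(rb"\d{3}( |$)", line):
                self.desynced = True
                continue
            # A complete final reply line: it answers (and clears) any pending PASV.
            was_pending, self.pasv_pending = self.pasv_pending, False
            if was_pending and not self.desynced:
                rule = self._validate(line)
                if rule:
                    rules.append(rule)
        return rules

    def _validate(self, line):
        m = PASV_227.match(line)          # must be at the very start of the line
        if not m:
            return None
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            return None
        host = ".".join(map(str, nums[:4]))
        port = nums[4] * 256 + nums[5]
        # Only the server of this control connection, only unprivileged ports.
        if host != self.server_ip or port < 1024:
            return None
        return (self.client_ip, host, port)
```

The returned tuple is (client, server, port); a rule built from it should also be single-use and short-lived.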
  • 22. Firewall attack techniques: The present
      - Attacks through external systems. The goal: to use some trust relationship between the internal network’s systems and systems from the outside in order to get access to the internal network.
      - Attacks through content (passive attacks). The goal: to provide the user with content that, when dealt with (opened), will execute the attacker’s provided code
      - Man in the middle attacks. The goal: to inject content into user traffic in such a way that an attack through content will occur
  • 23. Firewall attack techniques: Attacks through external systems. Getting in through trusted external systems can be accomplished by first compromising the machines from which access to the internal network is permitted. This might include:
      - home machine of the workers of the company
      - the network of the 3rd party that does remote administration/outsourcing for the attacked company
      - the network of the company’s office in some other location/country
  • 24. Firewall attack techniques: Attacks through external systems (2). Getting in through non trusted external systems can be accomplished in several ways:
      - through the exploitation of a vulnerability in a client software (SecureCRT, ftp, ...)
      - by obtaining user credential information/other sensitive data from the user X screen grabbing
      - through the combination of the above, Netscape/Mozilla remote control capabilities and a JVM vulnerability
  • 25. Firewall attack techniques: Attacks through external systems (case study)
      [Diagram on slides 25-32: INTERNET with a compromised system; demilitarised zone (DMZ) with WWW and communication server; corporate network with intranet server and database server] User works (SSH session, Xforward) with some external system
  • 26. Firewall attack techniques: Attacks through external systems (case study). Attacker steals user’s X-MIT-MAGIC-COOKIE
  • 27. Firewall attack techniques: Attacks through external systems (case study). Attacker connects to user’s XDisplay
  • 28. Firewall attack techniques: Attacks through external systems (case study). Attacker finds WindowID of the running Netscape 4.x/Mozilla process on user’s system
  • 29. Firewall attack techniques: Attacks through external systems (case study). Attacker issues openURL() command to the found window
  • 30. Firewall attack techniques: Attacks through external systems (case study). User’s web browser connects with the attacker’s WWW server
  • 31. Firewall attack techniques: Attacks through external systems (case study). Attacker inserts malicious payload into the requested web page (Java applet)
  • 32. Firewall attack techniques: Attacks through external systems (case study). Attacker’s code gets executed on the user’s machine
  • 33. Firewall attack techniques: Attacks through content. Sending mail to the victim user containing:
      - an executable file
      - Microsoft Office document exploiting the macro bypass vulnerability
      - HTML mail body exploiting a flaw in Internet Explorer/Outlook Express or Netscape leading to the code execution
      DEMONSTRATION
  • 34. Firewall attack techniques: File formats vulnerable to the “infection”. There are many file formats used for holding text, graphics or multimedia data that can be used as a carrier of a malicious content.
      - EXE, COM, BAT, PS, PDF
      - CDR (Corel Draw)
      - DVB, DWG (AutoCad)
      - SMM (AMI Pro)
      - DOC, DOT, CNV, ASD (MS Word)
      - XLS, XLB, XLT (MS Excel)
      - ADP, MDA, MDB, MDE, MDN, MDZ (MS Access)
      - VSD (Visio)
      - MPP, MPT (MS Project)
      - PPT, PPS, POT (MS PowerPoint)
      - MSG, OTM (MS Outlook)
      - WPD, WPT (WordPerfect)
  • 35. Firewall attack techniques: Attacks through content (2)
      - software installation files (RealPlayer, Winamp, web browsers, ...)
      - software for mobile phones
      - screen savers
      - „funny” content in an executable form
      Hacking some highly popular WWW/FTP server and putting a trojan horse file on it
      Backdooring source code of some very popular and critical Internet service (apache, bind, sendmail, ...)
  • 36. Firewall attack techniques: Man in the middle attacks. You cannot look at the security of your network only from the LAN/firewall perspective. There are also many other things you should take into account because they may influence the security of your network:
      - DNS service
      - routing/security of routes
  • 37. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker; DMZ with WWW and DNS servers; corporate network with intranet and database servers] Attacker owns the corporate DNS server or can spoof DNS replies to it.
  • 38. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] User enters the www.yahoo.com address in his web browser.
  • 39. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] Web browser requests the name of www.yahoo.com from the corporate DNS server.
  • 40. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] The reply he gets points to the attacker's machine.
  • 41. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] User's web browser connects with the attacker's WWW server.
  • 42. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] Attacker connects with the real host and tunnels the user's HTTP traffic to www.yahoo.com.
  • 43. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers] Attacker inserts malicious payload into the requested web page (Java applet).
  • 44. Firewall attack techniques: Man in the middle attacks (case study). [Diagram: Internet, attacker, yahoo; DMZ with WWW and DNS servers; corporate network with intranet and database servers; attacker's code] Attacker's code gets executed on the user's machine.
  • 45. Firewall attack techniques: DNS attacks are still the real threat. DNS can be quite successfully manipulated through the use of DNS spoofing ("birthday attack" in particular).
  • 46. Firewall attack techniques: DNS attacks are still the real threat (2). Although the CERT® Advisory CA-2002-31 (Multiple Vulnerabilities in BIND) was issued in November 2002, there are still many BIND servers that are vulnerable to the "cached SIG record" buffer overflow attack. As of February 2003, more than 40% of them were still vulnerable... Why? Do we have such a situation because there was no official exploit code published for this issue? THE CODE FOR THIS ISSUE EXISTS
  • 47. Firewall attack techniques: Short digression. Which web browser is, in your opinion, the most secure? Which one do you use: Internet Explorer, Netscape, Mozilla, Opera, any other?
  • 48. Firewall attack techniques: Short digression (2). This page contained information about a not-yet-disclosed security vulnerability. The vendor was provided with technical details of the bug on June 2nd 2003. DEMONSTRATION
  • 49. Firewall attack techniques: Final words. Attacker needs to find only one weakness in your security infrastructure; you are required to have none of them/all of them patched; your security depends on the security of many, many components...; skilled, motivated attackers are the real threat and they are really out there...
  • 50. Finally: The End. Thank you for your attention! adam.gowdiak@man.poznan.pl, Poznan Supercomputing and Networking Center http://www.man.poznan.pl, CERT-POL34 http://cert.pol34.pl
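
The DNS spoofing "birthday attack" named on slide 45, as an added worked calculation that is not part of the original presentation: it compares a resolver with one outstanding query against one that sends many simultaneous queries for the same name, and goes beyond the slides to show how source-port randomisation changes the numbers. The function names and the usable-port constant are assumptions made for illustration.

```python
# Added example (not from the slides): odds that a forged DNS reply is
# accepted, as a function of how much the resolver randomises per query.
TXID_SPACE = 2 ** 16           # the DNS transaction ID is a 16-bit field
PORT_SPACE = 2 ** 16 - 1024    # assumed number of usable UDP source ports


def p_single_query(forged: int, space: int = TXID_SPACE) -> float:
    """Classic spoofing: one outstanding query, `forged` distinct guesses."""
    return min(forged, space) / space


def p_birthday(queries: int, forged: int, space: int = TXID_SPACE) -> float:
    """P(at least one forged reply matches one of `queries` outstanding
    queries for the same name). Assumes distinct values on both sides."""
    if queries + forged > space:
        return 1.0             # pigeonhole: a match is unavoidable
    miss = 1.0
    for i in range(forged):
        miss *= (space - queries - i) / (space - i)
    return 1.0 - miss


def packets_for(target: float, space: int = TXID_SPACE) -> int:
    """Smallest n with p_birthday(n, n) >= target (doubling, then bisection)."""
    hi = 1
    while p_birthday(hi, hi, space) < target:
        hi *= 2
    lo = hi // 2               # p(lo) < target <= p(hi), unless hi == 1
    while hi - lo > 1:
        mid = (lo + hi) // 2
        if p_birthday(mid, mid, space) >= target:
            hi = mid
        else:
            lo = mid
    return hi


if __name__ == "__main__":
    n = 300
    print(f"{n} forged replies, 1 query    : {p_single_query(n):.4f}")
    print(f"{n} forged replies, {n} queries: {p_birthday(n, n):.4f}")
    print("50% point, fixed source port  :", packets_for(0.5))
    print("50% point, random source port :",
          packets_for(0.5, TXID_SPACE * PORT_SPACE))
```

The gap between the last two figures is why resolvers that coalesce duplicate outstanding queries and randomise the source port per query are far harder to poison than ones relying on the 16-bit ID alone.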