Re: Security flaw in iptables

To: Lars Hallberg <lah@micropp.se>
Cc: debian-firewall@lists.debian.org
Subject: Re: Security flaw in iptables
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Sun, 22 Apr 2001 14:59:35 +0200
Message-id: <20010422145935.A13843@lina.inka.de>
In-reply-to: <20010422120619.A23677@albert.micropp.se>; from lah@micropp.se on Sun, Apr 22, 2001 at 12:06:19PM +0200
References: <3AE226B3.DB7A06BA@ozemail.com.au> <20010422120619.A23677@albert.micropp.se>

On Sun, Apr 22, 2001 at 12:06:19PM +0200, Lars Hallberg wrote:
> So, You lose the *extra* protection of a DMZ, not more (if the users
> inside your firewall is trusted).

Actually there was a malformed-url-attack which allowed a public web page to
list a URL which will call the firewall to open an inbound connection if one
of your internal users where clicking on that url. This was due to very
simple protoocl parsing. I think that special case does ot work with the
iptables exploit but it clearly shows you, that you cant expect your users
are trusted if they can be tricked to send such data out of your net.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- Security flaw in iptables
  - From: Mark <mdevin@ozemail.com.au>
- Re: Security flaw in iptables
  - From: lah@micropp.se (Lars Hallberg)

Prev by Date: Re: Security flaw in iptables
Next by Date: RE: max routes
Previous by thread: Re: Security flaw in iptables
Next by thread: -m in iptables???
Index(es):
- Date
- Thread