Login or Sign Up
- Logging in...
  
  By logging into your account, you agree to our Privacy Policy, personal data processing and storage practices as described therein.
  
  Remember me
  
  Forgot password or user name?
  
  or Sign Up
- Log in with

Search in titles only Search in (old) Community Talk only

Advanced Search

forums
blogs
articles
albums
dcgroups
defcon.org
media.defcon
infocon.org
reddit
store

Today's Posts
Last Week
Unread
Con Calendar
iOS
Android
Who's Online
Member List

Forum
Conference Archives
Past DEF CON Forum Content
(old) Community Talk

Guests can browse, to post please join the forums

Announcement

Collapse

No announcement yet.

Firewall Exploits

Collapse

X

Collapse

Posts
Latest Activity
Photos

Page of 2
Filter

Time

All Time Today Last Week Last Month
Show

All Discussions only Photos only Videos only Links only Polls only Events only

Filtered by:

new posts

Previous 1 2 template Next

enCode replied

May 22, 2004, 00:11
Me?! never. Drugs are bad. ;)
Leave a comment:
Guest replied

May 21, 2004, 11:51
Originally posted by enCode

Yea, I'd start in on the hard drugs too. :D

I thought you already were on the hard drugs?
Leave a comment:
enCode replied

May 21, 2004, 11:39
Yea, I'd start in on the hard drugs too. :D
Leave a comment:
Guest replied

May 21, 2004, 10:48
Originally posted by enCode

so then what was the crack used for???

The crack was used for the rest of SG-1.
Leave a comment:
enCode replied

May 21, 2004, 10:43
so then what was the crack used for???
Leave a comment:
astcell replied

May 21, 2004, 10:10
I thought McGyver took speed to help him sleep at night.
Leave a comment:
enCode replied

May 21, 2004, 09:52
I always thought McGyver and speed were a perfect match :D
Leave a comment:
kree replied

May 18, 2004, 22:15
Originally posted by bascule

Anyone who saw Half Baked knows that MacGyver smokes weed, not crack!

True, but as but as they say weed is a transitional drug therefore he is a crackhead!
Leave a comment:
bascule replied

May 14, 2004, 15:54
Originally posted by kree

Ok, McGyver. Put the crack pipe down!

Anyone who saw Half Baked knows that MacGyver smokes weed, not crack!
Leave a comment:
enCode replied

May 14, 2004, 14:29
O.K. i guess what i mean by 'exploit' is gaining control from a remote terminal.
i'm not too worried about DoS
So how would some one render the firewall useless (circumvent)?
although that may be too broad

P.S. thanx for being cool about answering my question though
Leave a comment:
skroo replied

May 13, 2004, 22:38
I'm going to try to answer this somewhat seriously.

Originally posted by enCode

So I've been thinking about firewalls and how secure they are. My question is this "how easy is it to exploit a firewall vulnerability (if there is one?)" especially such a common one as ZoneAlarm.

One important thing here is to define what you mean by 'exploit'. Do you want to obtain, say, administrative logons onto the device? Or crash it, or otherwise perform a successful DoS? Or make it pass traffic it shouldn't, or drop traffic it should allow?

ZoneAlarm runs on top of Windows, and is technically more of an Intrusion Prevention System (IPS) than firewall. It's fairly safe to say that any Windows exploits it doesn't know how to protect against will undermine its effectiveness - though the same is going to be true of any similar product that runs on top of a host OS. Again, though, you need to define what you mean by 'exploit' in this context - and there may well be additional internal flaws within ZoneAlarm that could conceivably lead to some form of successful remote exploit.

Not to avoid giving you an answer, but they need to be found before they can be exploited. As an off-the-cuff answer, there are a conceivably lot of places this might be possible within the internal architecture of ZoneAlarm. However, there's no way of giving you a solid answer until something is found and demostrated - it'd all be in the theoretical at this point.

More importantly how is it done and is there any precautionary measures I can take to stop people from doing it???

As for the 'how is it done' part, see above. As for precautionary measures, keep Windows, ZoneAlarm, and your antivirus software patched and up-to-date. Also, don't overlook good administrative practices such as limiting user privilege to the lowest level possible, enforcing storage quotas, defining and enforcing group policy, etc.
Leave a comment:
enCode replied

May 13, 2004, 21:19
Originally posted by Chris

Please tell me you are joking and forgot to turn on the <sarcasm> tag.

<sarcasm>(oops)
Leave a comment:
spahkle replied

May 13, 2004, 11:10
Originally posted by enCode

Thats really cool but why does it work?
It's a buffer overflow right?

yeah.. brain buffer
Leave a comment:
Chris replied

May 13, 2004, 10:57
Originally posted by enCode

Thats really cool but why does it work?
It's a buffer overflow right?

Please tell me you are joking and forgot to turn on the <sarcasm> tag.
Leave a comment:
enCode replied

May 13, 2004, 10:50
Thats really cool but why does it work?
It's a buffer overflow right?
Leave a comment:

Previous 1 2 template Next

Dark-Blue
English (US)

Help
Contact Forum Account Support
DMCA
DEF CON Policies
Go to top

(r) DEF CON Communications, Inc.

All times are GMT-8. This page was generated at 1 minute ago.

Working...

X