A firewall problem?

Sarad AV jtrjtrjtr2001 at yahoo.com
Fri Jul 4 01:55:43 PDT 2003


hi,


Wont the following cause a firewall breach-


First we capture   inbound packets to a firewall
assuming we have a man in the middle(M).

If (M) use block replay on packets he can inject bits
and pieces of his own information to an inbound
firewall and can go undetected?

M doesn't alter the source and destination ip's and is
perfectly acceptable to the firewall.Even a timestamp
won't work since a packet is expected at any time.

We can still re-calculate the CRC of Checksum field by
the same attack and replace the old crc/checksum after
changing various required bit positions.

Do firewall programs use initialisation vectors and a
chaning mode to prevent this attack?


Regards Sarath.


__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com





More information about the cypherpunks-legacy mailing list