A firewall problem?
Sarad AV
jtrjtrjtr2001 at yahoo.com
Fri Jul 4 01:55:43 PDT 2003
hi,
Wont the following cause a firewall breach-
First we capture inbound packets to a firewall
assuming we have a man in the middle(M).
If (M) use block replay on packets he can inject bits
and pieces of his own information to an inbound
firewall and can go undetected?
M doesn't alter the source and destination ip's and is
perfectly acceptable to the firewall.Even a timestamp
won't work since a packet is expected at any time.
We can still re-calculate the CRC of Checksum field by
the same attack and replace the old crc/checksum after
changing various required bit positions.
Do firewall programs use initialisation vectors and a
chaning mode to prevent this attack?
Regards Sarath.
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
More information about the Testlist
mailing list