Firewall question

Discussion in 'other firewalls' started by lunarlander, Mar 8, 2014.

Thread Status:
Not open for further replies.
  1. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    121
    How actually do attackers penetrate firewalls? I have read that some may spoof the sending ip address. But doesn't a stateful firewall keep track of sequence numbers? Or does the attacker machine gun it and try all the sequence numbers? So I have made a firewall rule on my PIX external interface to deny sender addresses bearing an internal ip. But not being a pen tester, I still don't quite understand how an attack works.
     
  2. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Here are some references:

    Pp. 18-22 of "Comparative Firewall Study" - pdf at hxxp://monarch.qucosa.de/fileadmin/data/qucosa/documents/4892/data/firewall_study.pdf

    "Type of Attacks" - pdf at hxxps://www.dsci.in/sites/default/files/Type%20of%20Attacks_DSCI_White%20Paper_1.pdf - contains more than just firewall attacks

    "What Do Firewalls Protect? An Empirical Study of Firewalls, Vulnerabilities, and Attacks" - pdf at hxxp://www.cs.ucdavis.edu/research/tech-reports/2010/CSE-2010-8.pdf

    Papers on inbound tests and other non-leak tests of firewalls
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,797
    Location:
    Texas
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  6. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
Loading...
Thread Status:
Not open for further replies.