Opening closed ports on NAT device and bypassing stateful firewalls with BeEF

Discussion in 'other security issues & news' started by EncryptedBytes, Jul 14, 2012.

Thread Status:
Not open for further replies.
  1. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    -http://blog.beefproject.com/2012/07/opening-closed-ports-on-nat-device-and.html-

     
  2. Eww, nasty. I cannot wait until malicious sites start using remote exploits, instead of tired old drive-by downloads. :rolleyes:

    Anyway... How would UFW's default configuration for iptables fair against such an attack? And what about Windows software firewalls? Would I be wrong in suspecting an interactive firewall might be safer in this case?
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    AppArmor can limit your program and resitrct them from being able to use protocols like IRC, which are necessary for protocol spoofing (haven't read it yet, assuming that's what this is.)

    An outbound Firewall would prevent this as well by locking the program to specific ports.
     
  4. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,927
    Location:
    U.S.A.
    Merged Threads, Eliminating Redundant Posts.
     
  5. BrandiCandi

    BrandiCandi Guest

    So the key there is that the user has some kind of server (FTP, ssh, etc) running. If you don't there's nothing to forward.

    http://samy.pl/natpin/
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I'd probably want to make sure 135-139 and 445 were closed as well. I've found internet accessible shares that were meant to be private because those ports were open.
     
  7. Doesn't Windows, by default, keep ports open beneath its firewall though?
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    There are at least 3 open ports on Windows by default for the NetBIOS or something else.
     
Loading...
Thread Status:
Not open for further replies.