From Rodney Visser | September 15th, 2009
Recently, another Windows os vulnerability has surfaced pointed at ports 139 and 445. It was initially released as a denial of service attack, but could also allow system level remote code execution. The strange thing about this particular exploit for me, is that this issue was fixed on Windows 7 build 7130, but as of today there is still no fix for Vista or Server 2008.
In the time it is taking them to address this issue there is already working exploit code in the ever popular MetaSploit framework and as an added bonus it has the ability to do reverse HTTP tunneling on port 80. This means that you could hit an exploited system and the firewall will literally mean nothing.
Tags: information security, network
Delicious // Digg This! // Technorati
Subscribe to comments via RSS 2.0 
From Rodney Visser | August 18th, 2009
When adding a traditional hardware based firewall to a network, major network based surgery is needed a majority of the time. The potential for configuration problems with both internal clients and the router/proxy are increased. There is also overhead that goes into processing each packet or session for the firewall, making it difficult to come to an informed decision.
When looking though the eyes of an attacker, only minimal investigation and enumeration is needed to identify a device that is acting as a firewall. Its rule-set or “protection” features can be realized. READ ON
Tags: firewalls, hardware, information security, network, transparent firewalls
Delicious // Digg This! // Technorati
Subscribe to comments via RSS 2.0
