Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewall Vulnerabilities Presented by Vincent J. Ohm.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Firewall Vulnerabilities Presented by Vincent J. Ohm."— Presentation transcript:

1 Firewall Vulnerabilities Presented by Vincent J. Ohm

2 Topics Firewall design (Stateful) Packet Filter, Application proxy, Personal Firewall OSI Stack Layer IP, TCP spoofing Applications sendmail Firewall implementation broad permissions, overflows, etc.

3 Firewalls Network gateway handles incoming & outgoing traffic Access manager blocks/grants access to services, networks

4 Firewall Design (The benefits) Packet Filter – scans IP address, port number – block specific adresses, ports – Stateful: adds connection filtering Application Proxy – scans packet payload – filter harmful data, program commands Personal – combination of filter & proxy

5 Firewall Design (The drawbacks) Packet Filter – harmful data passes through Application Proxy – unknown application vulnerabilities

6 OSI Stack Network – I.P. – no address authentication – address is spoofable Transport – T.C.P. – sequence number enforces exclusivity – spoof I.P. address and guess seq. number... – T.C.P. spoofing

7 Applications Applications with vulnerabilities –sendmail ‘WIZ’  debugging command creates root shell access on remote server Methods of exploitation –crafted data (overflows) –commands (sendmail) Packet Filters can block some Application Proxies can block more

8 Firewall Implementation Symantec Firewall/VPN Appliance –Password leak Pyramid BenHur –Active FTP Kerio Personal Firewall –Rules bypassable Cisco PIX –SNMPv3, VPNC IPsec Check Point Firewall-1 & DeleGate application proxy –overflows

9 Symantec Firewall/VPN Appliance Accessing firewall to change password from unsecured terminal using web browser Firewall’s HTTP response, stored in browser cache HTTP response contains the new password… …in cleartext! Symantec’s fix: strips password data

10 Pyramid BenHur Firewall Firewall access rules can be bypassed… …by sending connect request with source port = 20  FTP data port Can connect to any port Workaround: block all outside access from port 20 OR apply patch

11 Kerio Personal Firewall Problem with default configuration Firewall would allow any UDP packet through if source port = 53  DNS port Intention: allow DNS responses Fix: allow packet only if DNS request precedes the response

12 Check Point Firewall-1 Invalid HTTP request Generates error message using portion of input… …included in format string used for call to sprintf() Exploit for: –command execution on firewall –arbitrary code execution

13 DeleGate Application Proxy Uses fixed array size for username & password Arrays used in calls to strcpy() Input sufficiently long strings… …buffer overflow!

14 Conclusion Firewalls are not invulnerable Vulnerable by … –Design –Other O.S.I. Layers vulnerabilities –Implementation flawes flaws

Download ppt "Firewall Vulnerabilities Presented by Vincent J. Ohm."

Similar presentations

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.

Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 7 Working with Proxy Servers & Application-Level Firewalls By Whitman, Mattord,

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 7 Working with Proxy Servers & Application-Level Firewalls By Whitman, Mattord,
Working with Proxy Servers and Application-Level Firewalls Chapter 5.

Working with Proxy Servers and Application-Level Firewalls Chapter 5.
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
K. Salah1 Firewalls. 2 Firewalls Trusted hosts and networks Firewall Router Intranet DMZ Demilitarized Zone: publicly accessible servers and networks.

K. Salah1 Firewalls. 2 Firewalls Trusted hosts and networks Firewall Router Intranet DMZ Demilitarized Zone: publicly accessible servers and networks.
Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.

Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Chapter 7: Working with Proxy Servers & Application-Level Firewalls

Chapter 7: Working with Proxy Servers & Application-Level Firewalls
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewalls: General Principles & Configuration (in Linux)

Firewalls: General Principles & Configuration (in Linux)
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

Similar presentations

Ads by Google