Re: [Full-disclosure] Sony: No firewall and no patches
- To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Sony: No firewall and no patches
- From: "Dobbins, Roland" <rdobbins@xxxxxxxxx>
- Date: Tue, 10 May 2011 15:18:45 +0000
On May 10, 2011, at 4:42 PM, Pete Smith wrote:
> If an attacker initiates a connection with a dest port higher than 2048 (to
> some other server the attacker controls) and a source port of 80, that will
> pass through an ACL without issues; this would not be so on a stateful firewall.
If the attacker's in a position to generate an outbound connection sourced from
a well-known port (which presumably is supposed to have an httpd attached to
it), there's nothing a stateful firewall can do to improve matters.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@xxxxxxxxx> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
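
The filtering decision discussed in this thread, as an added example that is not part of the original messages: a port-based egress ACL next to a connection-tracking filter, each evaluated on a genuine HTTP reply and on an unsolicited outbound SYN sourced from port 80. The addresses (documentation ranges), port numbers other than 80 and 2048, and all class and function names are constructed for illustration; the model covers only the packet-filter verdict, not the host compromise the reply names as the precondition.

```python
from dataclasses import dataclass

SERVER = "192.0.2.10"  # constructed address for the web server


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. frozenset({"SYN"})


def stateless_acl(pkt):
    """Egress ACL that recognises 'reply' traffic by port numbers alone."""
    return pkt.src == SERVER and pkt.sport == 80 and pkt.dport > 2048


class StatefulFilter:
    """Permits inbound connections to SERVER:80 and egress only for tracked flows."""

    def __init__(self):
        self.flows = set()  # (client address, client port) seen opening a connection

    def inbound(self, pkt):
        to_httpd = pkt.dst == SERVER and pkt.dport == 80
        if to_httpd and pkt.flags == {"SYN"}:
            self.flows.add((pkt.src, pkt.sport))
        return to_httpd and (pkt.src, pkt.sport) in self.flows

    def outbound(self, pkt):
        # Egress must be the reverse direction of a flow a client initiated.
        return (pkt.src == SERVER and pkt.sport == 80
                and (pkt.dst, pkt.dport) in self.flows)


def compare():
    """Return (stateless verdict, stateful verdict) for each constructed packet."""
    fw = StatefulFilter()
    fw.inbound(Packet("198.51.100.7", 51000, SERVER, 80, frozenset({"SYN"})))
    reply = Packet(SERVER, 80, "198.51.100.7", 51000, frozenset({"SYN", "ACK"}))
    unsolicited = Packet(SERVER, 80, "203.0.113.9", 40000, frozenset({"SYN"}))
    return {name: (stateless_acl(p), fw.outbound(p))
            for name, p in (("reply", reply), ("unsolicited", unsolicited))}


if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, "stateless=%s stateful=%s" % verdicts)
```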