Actually, ICQ 2000 passes the firewall by letting you open the port.
It uses the same protocol as AIM now.


Ely Levy
System group
Hebrew University 
Jerusalem Israel



On Mon, 25 Dec 2000, System1 wrote:

|  This is not correct.
|  With a simple UDP sniffer you can find the victim's private IP.
|  With slightly more complex tools you can even scan the inside network.
|  I don't know how much attention this issue got on mailing lists such as
|  BugTraq,
|  but I saw how it's being made with very simple tools.
|  The ICQ versions I am talking about are the ICQ 2000 versions.
|  I'll say it again: ICQ creates a direct connection. This means it passes the
|  firewall by opening ports higher than 1024, so it's a problem to block it
|  because I can't block these ports.
|  For me, knowing that people from outside the office network can find out IPs
|  like 10.10.1.x is enough to choose to block ICQ.
|  So the solution I found was to block output to the whole domain
|  login.icq.com so users can't log in,
|  and hope there are no other servers they can log in to with ICQ.
|  
|  As for Nadav Har'El's request for more data: I didn't see anything on this
|  issue on BugTraq; I don't think many know about this.
|  The person who showed us this vulnerability didn't say where he found it, but
|  we saw how he does it.
|  
|  Moran.
|  
|  
|  
|  -----Original Message-----
|  From: Nadav Har'El [mailto:[EMAIL PROTECTED]]
|  Sent: Monday, December 25, 2000 5:26 PM
|  To: Alon Oz
|  Subject: Re: ipchains
|  
|  Sure enough, _no_ packet is ever sent out of the firewall with either of
|  the "secret" addresses, so that ICQ will only know the firewall's (publicly
|  known) address.
|  
|  
|  
|  
|  
|  =================================================================
|  To unsubscribe, send mail to [EMAIL PROTECTED] with
|  the word "unsubscribe" in the message body, e.g., run the command
|  echo unsubscribe | mail [EMAIL PROTECTED]