Dear Ferry,

Although it is possible to crack a firewall with no services running but the
filtering-service, it's much easier to 'bypass' a firewall using forged
packets or using vulnerabilities in the firewall code.

I think your main concern is to keep unauthorized people out of your LAN
rather than securing your firewall so it can not be compromised.
So a better practice is to use a second firewall with a totally different
architecture/OS/firewall-software which will almost eliminate the
possibility of a breach in the firewall itself leaving only the rules to be
the weak spot. It's mostly quite easy to fool a firewall using allowed
traffic. e.g. get into your LAN starting a connection from port 80 (which is
normally allowed in the firewall). 

Perhaps you should consider setting up a proxy-server in a separate DMZ
allowing only connections from the internal network eliminating even more
possible vulnerabilities, but probably there are more experienced people in
here who can comment on security of proxy-servers. (which I heard was quite
poor)

Kind regards,


Tim
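
Tim's point about fooling a firewall with traffic "from port 80", as an added example that is not part of the original thread: a toy Python model comparing a stateless source-port rule with connection tracking. The LAN range, addresses and all function names are constructed for illustration.

```python
# Added example: toy packet filter, not real firewall code. All addresses are constructed.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport syn ack")

LAN_PREFIX = "10.0.0."  # assumed internal range

def is_lan(ip):
    return ip.startswith(LAN_PREFIX)

def stateless_allow(pkt):
    """Weak rule set: LAN hosts may go out to port 80, anything 'from port 80' may come in."""
    if is_lan(pkt.src) and pkt.dport == 80:
        return True
    return is_lan(pkt.dst) and pkt.sport == 80  # trusts a field the sender controls

class StatefulFilter:
    """Inbound packets pass only as replies to a connection a LAN host opened."""
    def __init__(self):
        self.flows = set()  # (lan_ip, lan_port, remote_ip, remote_port)

    def allow(self, pkt):
        if is_lan(pkt.src) and pkt.dport == 80:
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if is_lan(pkt.dst):
            reply_of = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            # A genuine reply matches a tracked flow and is never a bare SYN.
            return reply_of in self.flows and not (pkt.syn and not pkt.ack)
        return False

# Constructed sample traffic
OUT_SYN = Packet("10.0.0.5", 40000, "203.0.113.10", 80, syn=True, ack=False)
REPLY = Packet("203.0.113.10", 80, "10.0.0.5", 40000, syn=True, ack=True)
UNSOLICITED = Packet("198.51.100.7", 80, "10.0.0.9", 22, syn=True, ack=False)

def verdicts():
    """Return (name, stateless verdict, stateful verdict) for each sample packet."""
    sf = StatefulFilter()
    samples = [("outbound", OUT_SYN), ("reply", REPLY), ("unsolicited", UNSOLICITED)]
    return [(name, stateless_allow(p), sf.allow(p)) for name, p in samples]

if __name__ == "__main__":
    for name, weak, tracked in verdicts():
        print(f"{name:12} stateless={weak!s:5} stateful={tracked}")
```

Both filters pass the outbound request and its reply; only the stateless rule also passes the unsolicited packet, because it matches on the source port alone.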



-----Original Message-----
From: Hiemstra, Brenno [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 11, 2002 12:50 PM
To: 'Ferry van Steen'; [EMAIL PROTECTED]
Subject: RE: Cracking a server without services


Ferry,

The only possibility to get into a system that has no
services running is getting the admin of that system
to execute an application that creates a backdoor.

Or, if there is a fault in the networking stack, you may
launch a network attack and let the stack execute
code which can result in any kinda thing you like.

Attacking a system without any service isn't easy but
not impossible. Not even talking about just DoSing the
system.

Regards,


Brenno

> -----Original Message-----
> From: Ferry van Steen [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday 10 July 2002 18:09
> To:   [EMAIL PROTECTED]
> Subject:      Cracking a server without services
> 
> Hey there,
> 
> I was just wondering. I know the rule is everything can be cracked. But can
> anyone point me to info on how to crack something with no ports open or/and
> perhaps tell me how that's called (so I can search...). To me it seems
> impossible but I have a feeling that's a false sense of security and I'd
> like to get a better understanding of this so I can take appropriate actions
> on my servers. Also I think this knowledge will come in handy in the future
> since I gotta write a firewall on linux for a DMZ and LAN set up in like a
> week or so and I don't want to tell my boss that the webserver is the only
> thing that can be cracked because that's the only service we run if that
> ain't so, although the chance someone with that knowledge/expertise will
> hunt us will probably be nihil.
> 
> Kind regards,
> 
> Ferry van Steen
> InfoPart Automatisering B.V.
> Beeksestraat 24
> 4841 GC Prinsenbeek
> Phone: +31 (0)76 - 5 44 04 11
> Fax: +31 (0)76 - 5 41 83 51
> Mobile: +31 (0)6 - 28 46 47 45
> E-Mail (business): [EMAIL PROTECTED]
> E-Mail (private): [EMAIL PROTECTED]
> MSN Messenger: [EMAIL PROTECTED]
> ICQ (UIN (seldom used)): 191458
> 
