[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipchains
- To: "Stanislav Malyshev a.k.a Frodo" <frodo(at-nospam)sharat.co.il>
- Subject: Re: ipchains
- From: Alon Oz <alon(at-nospam)linuxqa.com>
- Date: Tue, 26 Dec 2000 11:15:17 +0200
- Cc: Linux-IL Mailing List <linux-il(at-nospam)cs.huji.ac.il>
- References: <Pine.LNX.4.21.0012252126170.16119-100000@frodo.sharat.co.il>
- Sender: alon(at-nospam)aduva.com
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
"Stanislav Malyshev a.k.a Frodo" wrote:
>
> AO>> But if icq.com(example) got my packet and know my "secret" intranet
> AO>> addresses
>
> Oh, yeah, those defined in top-secret RFC1918? 10.1.1.1? 10.10.1.1?
> 192.168.1.1? 172.16.1.1? Am I l33t haxx0r already?
> Guess how many pings is it going to take me to know each
> internet-accessible address on your network after knowing one by looking
> up your mailserver?
The thing is, through ICQ i can know the following:
1. the computer on 192.168.1.78(example) is up
2. It can receive connection to the ICQ port
3. the NAT gateway/fw allows "related" packets to pass from icq to
192.168.1.78
4. icq packets are classified as "related".
Now any man-in-the-middle attack becomes very easy.
You spoof your address (using known flaws in DNS)
and easily get into the inner network.
--
Alon Oz,
Aduva Research Team,
Mailto: alon@linuxqa.com
--
It's always darkest just before it goes pitch black.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il