Themenabend/Firewall Piercing

Aus C3D2
Version vom 29. November 2004, 17:18 Uhr von Frank Becker (Diskussion | Beiträge) (ACK tunnel in Tabelle)
Zur Navigation springen Zur Suche springen
Caldrin Alien8
ICMP-Tunnel Firewall Intro (Ausarbeitung, Vortrag zusammen)
hiding stuff in ip headers (incl. stegtunnel) ip and ssh tunnel
http-header http,https,
open connections from outside DNS-tunnel (mit Verweis auf DNS-Vortrag)
ACK tunnel

Contents

  • short Intro to Firewalls
    • is a concept
    • Packetfilter
      • stateless
      • stateful
      • NAT (IP header recalculation, CRC checks ...)
    • Application Layer Gateway
  • Basics
  • nc / cryptcat
  • the art of hiding (backpacking your data)
    • Tunnel
      • ip tunnel (incl. Why TCP over TCP is a bad idea)
      • ssh tunnel
  • Simple Examples of tunnel
    • HTTPS-Tunnel (connect)
    • Http-Tunnel (GET / POST)
    • Web-Shell
  • Advanced Examples
    • HTTP header
    • ICMP-Tunnel
    • DNS-Tunnel
    • hiding stuff in ip headers
    • different networking protocols
    • E-Mail tunnel
    • ACK-Tunnel
    • [Stegtunnel]
  • opening connections from outside
    • send IP with IP/port into protected net (ping) => pinged host opens connection out
    • guessing Syncookies

more to come ...

Storyline

Introduction

  • Welcome ... Thanx for comming ... In Aug we did TA for c3d2 about Firewalls, Got interested in that topic or some joke
  • What is a firewall?
    • Packetfilter
      • stateless
      • stateful
      • NAT (IP header recalculation, CRC checks ...)
    • Application Layer Gateway

If you believe in those systems giving you the perfect protection: Don't waste your time! Good bye!

  • What we are going to show:
    • To circumvent firewalls one has to be creative ... find a hole in the set-up, exploit it! Enjoy!
    • We show you:
      • Don't expect a cook book!
      • We're going to show some basic techniques and tools
      • some examples will show how to use them