FireStorm: Severe Security Flaw Discovered in Next Generation Firewalls by David Leichner

(92 views)

FireStorm: Severe Security Flaw Discovered in Next Generation Firewalls BugSec Group and Cynet discovered a severe vulnerability in Next Generation Firewalls. Head of Offensive Security Stas Volfus uncovered the vulnerability, dubbed FireStorm, which allows an internal entity or malicious code to interact and extract data out of the organization, completely bypassing the firewall limitation. It was discovered that the firewalls are designed to permit full TCP handshake regardless of the packet destination, in order to gather enough content for it to identify which application protocol is being used (web-browsing/telnet etc.). This is applicable if the devices are configured, for example, to allow Web browsing (HTTP/S) traffic from the LAN environment to specific locations on the internet (URL Filtering). This is true even with a single location. This allowed us to perform a full TCP handshake via the HTTP port with a C&C (Command and Control) server hosted by BugSec. From....

January 26, 2016
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.