[6bone] Re: Internal Address Space

Stephen Degler sdegler@degler.net
Tue, 21 May 2002 11:37:39 -0400


Ok, 

Private addresses and a proxy won't help you against these methods 
either, as long as HTTP CONNECT methods are permitted by the proxies.
Like you said, the p-to-p world utilizes these techniques already.

So a stateful firewall still protects against external attacks.
If one can convince software or a user to execute malicious code,
all bets are off.  Being addressable doesn't alter the status quo.

skd

On Tue, May 21, 2002 at 08:05:33AM -0700, Michel Py wrote:
> Stephen,
> 
> > Stephen Degler wrote:
> > Please be more specific.  I believe that there are flaws in the
> > implementations of stateful firewalls as there are in all things,
> > but it is my impression that they are relatively secure from the
> > design perspective.
> > How exactly would this IE plugin work?
> 
> By initiating the traffic from the inside at both hosts, which opens a
> temporary hole in the firewall to allow return traffic. A good example
> of that kind of trick is Morpheus: People can pull mp3s from your RFC
> 1918 host crossing NAT and crossing a stateful firewall _without_ having
> to punch a hole in the firewall and without static NAT configuration. I
> think that Teredo also allows doing the same. All these mechanisms are
> based on contacting an agent outside; if that agent is listening on port
> 80 there is not much you can do to prevent your host talking to it.
> 
> Michel.
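
The following is an added illustration, not part of either poster's message: a minimal Python model of the stateful filtering discussed in this thread, showing that unsolicited inbound traffic is dropped while a flow initiated from the inside to an outside agent on port 80 admits that agent's return traffic until the state ages out. The addresses, ports, 60-second idle timeout and strict 5-tuple matching are constructed assumptions, not the behaviour of any particular firewall product.

```python
import ipaddress


class StatefulFirewall:
    """Toy model: allow outbound, default-deny inbound, track flows by 5-tuple."""

    def __init__(self, inside="10.0.0.0/8", idle_timeout=60):
        self.inside = ipaddress.ip_network(inside)  # assumed RFC 1918 inside net
        self.idle_timeout = idle_timeout            # assumed idle timeout (seconds)
        self.states = {}                            # flow 5-tuple -> last-seen time

    def _is_inside(self, ip):
        return ipaddress.ip_address(ip) in self.inside

    def filter(self, proto, src, sport, dst, dport, now):
        # Age out idle flows first: the hole opened from inside is temporary.
        self.states = {k: t for k, t in self.states.items()
                       if now - t <= self.idle_timeout}
        if self._is_inside(src) and not self._is_inside(dst):
            # Inside-initiated traffic is allowed and creates (or refreshes) state.
            self.states[(proto, src, sport, dst, dport)] = now
            return "ALLOW outbound"
        # Inbound is allowed only if it mirrors an existing inside-initiated flow.
        key = (proto, dst, dport, src, sport)
        if key in self.states:
            self.states[key] = now
            return "ALLOW return"
        return "DROP unsolicited"


def run_demo():
    fw = StatefulFirewall()
    host, agent, other = "10.1.1.5", "198.51.100.7", "192.0.2.50"  # constructed
    packets = [
        (0, "tcp", other, 40000, host, 6346),   # outside host connects in
        (1, "tcp", host, 3456, agent, 80),      # inside host contacts the agent
        (2, "tcp", agent, 80, host, 3456),      # agent answers on the same flow
        (3, "tcp", other, 80, host, 3456),      # a different peer reuses the ports
        (200, "tcp", agent, 80, host, 3456),    # agent again, after idle timeout
    ]
    return [fw.filter(proto, src, sport, dst, dport, now)
            for now, proto, src, sport, dst, dport in packets]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```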