Linux Today: Linux News On Internet Time.
Tempest Security Technologies: Security flaw in Linux 2.4 IPTables using FTP PORT

Apr 20, 2001, 01:09
(Other stories by Cristiano Lincoln Mattos)

"If an attacker can establish an FTP connection passing through a Linux 2.4.x IPTables firewall with the state options allowing 'related' connections (almost 100% do), he can insert entries into the firewall's RELATED ruleset table allowing the FTP Server to connect to any host and port protected by the firewall's rules, including the firewall itself...."

"This is a security flaw which can be exploited when an attacker is in a position behind your firewall, i.e., 'protected'. For example, if your firewall protects an FTP Server and the attacker has compromised it by other means, he can use this to connect to other protected networks. Or, if your attacker is behind your firewall as a client and connects to an FTP server on the Internet, he can use it to allow this FTP server to connect to other protected networks."
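
A defender-side check for the condition the excerpt describes, added here as an example (it is not code from the advisory or from netfilter): it scans FTP control-channel lines and flags any PORT command whose encoded address is not the client's own, since that is the case in which a RELATED entry would point at a different host. The record layout (client_ip, line), the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (four address octets, two port octets).
PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$",
    re.IGNORECASE,
)

def parse_port(line):
    """Return (IPv4Address, port) for a well-formed PORT command, else None."""
    m = PORT_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # an octet outside 0-255 is not a valid encoding
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]

def audit(records):
    """records: iterable of (client_ip, control_line) pairs (hypothetical layout).

    Returns a list of (client_ip, line, reason) for PORT commands that are
    malformed or that name an address other than the client that sent them.
    """
    findings = []
    for client_ip, line in records:
        parts = line.split(None, 1)
        if not parts or parts[0].upper() != "PORT":
            continue  # only PORT commands are relevant to this check
        parsed = parse_port(line)
        if parsed is None:
            findings.append((client_ip, line, "malformed PORT"))
            continue
        ip, port = parsed
        if ip != ipaddress.IPv4Address(client_ip):
            reason = f"PORT names {ip}:{port}, not the client"
            findings.append((client_ip, line, reason))
    return findings

# Constructed sample input (documentation address ranges, not real traffic).
SAMPLE = [
    ("192.0.2.10", "USER anonymous\r\n"),
    ("192.0.2.10", "PORT 192,0,2,10,19,137\r\n"),   # client's own address: normal
    ("192.0.2.10", "PORT 198,51,100,7,0,22\r\n"),   # names a different host
    ("192.0.2.10", "PORT 192,0,2,10,300,1\r\n"),    # octet out of range
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```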
