1 / 10

Anti-Hacker Tool Kit

Anti-Hacker Tool Kit. Chapter 13 Port Redirection. Roy Chang. I nformation N etworking S ecurity and A ssurance LAB Department of Communications Engineering National Chung Cheng University. Introduction. Listen on a port Client/Server method. WEB. SSH. SMTP. FTP.

micah-little
Download Presentation

Anti-Hacker Tool Kit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Anti-Hacker Tool Kit Chapter 13 Port Redirection Roy Chang Information Networking Security and Assurance LABDepartment of Communications EngineeringNational Chung Cheng University

  2. Introduction • Listen on a port • Client/Server method WEB SSH SMTP FTP

  3. Port Redirection 80 5050 4023 80

  4. DataPipe • Pass TCP/IP traffic • http://www.bovine.net/~jlawson/coding/datapipe/datapipe.c

  5. Fpipe • Out band source port and UDP support • http://www.foundstone.com/resources/proddesc/fpipe.htm Port:5678 Port:4433 Port:80

  6. Port Hopping- Local Redirection Host 1234 80 C:\fpipe –l 1234 –r 80 localhost ./datapipe localhost 1234 80

  7. Port Hopping- Client Redirection Spork, IIS exploit code on Port 80 <host A> IIS Port 7070 80 80 8080 C:\fpipe –l 80 –r 7070 <host A> ./datapipe <host A> 80 7070

  8. Port Hopping- Dual Redirection FTP+mail SQL Host A Host B Host C Host D fpipe –l 1433 –r 25 <Host C> ./datapipe 25 1433 <Host D>

  9. Summary • Host security • Ingress filter • Allow what you want • Deny all • Egress filter • Proxy firewall

  10. Reference • RFC 1700

More Related