|
Those are typically called "man in the middle" attacks. The issue with these security breeches is not with the router, it is with the application you are interfacign with. Besides intercepting the data stream, the attacker also needs to knwo how to interface with the client and act liek the server. And in all actuality, the attacker doesn't "reroute" data to him. He intercepts and modifies the data in the stream. Think of it as a truck driver. You leave Atlanta to go to Boston with a load of peaches. You get stopped in Philadelphia and without you knowign it, soemone throws a dead body in the truck as well. You still get to Boston liek you intended, but you arrive with a different cargo of data than expected. Now, it is up to how the loading dock in Boston handles it. In a properly built program, any unusual "cargo" that arrives, it should catch and alert autorities (generate an error and handle it appropriately). A bad program will nto care, dumpt he body alogn the side of the buildign and let it cause problems. Again, an overly simplistic analogy, but should give you the idea. You are getitng itno things that firewalls are not meant to protect against. Thsoe are typically application level security. A firewall is jsut border patrol and traffic cop. It doesn't inspect the purpose of the data. It jsut makes sure everythign gets to where it is supposed to. ----- Original Message ----- From: "Dan Bale" <dbale@xxxxxxxxxxxxx> To: "PC Technical Discussion for iSeries Users" <pctech@xxxxxxxxxxxx> Sent: Thursday, July 29, 2004 12:43 PM Subject: RE: [PCTECH] Need firewall protection, > OK, it is starting to sink in. <g> NATing routers block/deflect all > "uninvited" guests. > > I am going to ask one more question relating to this. Couldn't a router be > fooled, "spoofed" if you will, by an "uninvited" guest on the outside > sending something to the router so that it believes it is a result of > something initiated on my PC? > > Or are there just too many variables for it to happen? > > Let me suppose the following high-level pseudo scenario: > > A potential "uninvited" guest is monitoring traffic between my firewall and > the website I am visiting. The website sends something back, which the > firewall accepts based on the information being sent back. What's to say > that that information couldn't be intercepted to capture the "keys" that the > router needs to let it in, and then use those "keys" to send something to > the router that the website didn't send? How does the router/firewall > assure that the information it receives is coming from a source that the PC > initiated? > > Thanks again for all the replies! I have learned an enormous amount from > you guys, and I really appreciate it! > > - Dan > > -- > This is the PC Technical Discussion for iSeries Users (PcTech) mailing list > To post a message email: PcTech@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/pctech > or email: PcTech-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/pctech.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
