RE: [Full-disclosure] RE: Example firewall script (iptables)

In my first email i requested about bad example firewall script, in later
mail i said that this script was to learn more so the scene isn't important
because i'm loking for bad script in any scene

Thanks  

-----Mensaje original-----
De: Anders B Jansson [mailto:hdw@kallisti.se] 
Enviado el: lunes, 29 de agosto de 2005 15:48
Para: Full Disclosure
Asunto: Re: [Full-disclosure] RE: Example firewall script (iptables)

Maybe you'd get more informative and less 'get a clue!' answers if you
rephrased and explained your question a little.

For one, what in the world is a firewall script?
I'd guess it's firewall rules you're talking about.

Second, in what scenario?
Corporate firewall, SME, personal, school?

Without knowing that the only answers you can get is that 'pass all' is bad,
so is 'block all'.

// hdw

Bernardo Martín wrote:
> Anybody have more information about bad example firewall script?? 
>
>
>
>
> -----Mensaje original-----
> De: Bernardo Martín [mailto:bmartin@desic-sl.com] Enviado el: lunes, 
> 29 de agosto de 2005 14:01
> Para: Full Disclosure
> Asunto: RE: [Full-disclosure] RE: Example firewall script
>
>  
> I look for bad rules set to learn a little more. I thought that my 
> question was interesting because here there are many people who knows 
> about this. Can you recommend me any web or any book?
>
>
> Thanks
>
>
>
>
> -----Mensaje original-----
> De: James Tucker [mailto:jftucker@gmail.com] Enviado el: sábado, 27 de 
> agosto de 2005 18:17
> Para: Full Disclosure
> Asunto: Re: [Full-disclosure] RE: Example firewall script
>
> Screw these arguments.
>
> What you should really do is get a security consultant to teach you 
> the basics, and provide you with some exposure to the various 
> different options you may have available, and in the case of your 
> request, offer you some of the old horror stories.
>
> If your only aim is to learn, the I would suggest starting with your 
> firewalls documentation. Most firewall developers do have at least a 
> reasonable knowledge of firewall security and rule building. Moreover 
> good documentation will leave references to good physical sources 
> (books, courses, etc.). Getting back to the original question of BAD 
> configurations
> :) (yep, my ATD is higher today) you may find some reasonable examples 
> in high quality documentation too.
>
> You might try looking into any detailed hacking stories and statistics 
> you can find, as these may lead to some other interesting conclusions 
> about firewalls and their impacts on security too.
>
> Also, forums might be a good place to pick up bad firewall rules, you 
> know those places are filled with crap because people just can't 
> resist trying to show up the next guy and pretend to be the best.
>
> Just out of interest, why are you looking for Bad rule sets?
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/