Great Circle Associates Firewalls
(February 1996)
 


Subject: Re: JAVA security problem ?
From: Jeff Murphy <jcmurphy @ smurfland . cit . buffalo . edu>
Date: Fri, 9 Feb 1996 13:26:06 -0500 (EST)
To: mdr @ vodka . sse . att . com
Cc: Firewalls @ greatcircle . com
In-reply-to: <9602091542 . AA11672 @ ig4 . att . att . com> from "mdr @ vodka . sse . att . com" at Feb 9, 96 10:50:36 am

>And how do they know from whence they came?  Do I smell an IP spoofing
>attack?


in netscape, you open a URL .. http://www.foo.com/applet.html

and it downloads an applet.. the applet attempts to open a socket
to 'firewall.your.com' and it fails... because the socket class that
is available via netscape only permits it to connect to the host 
designated in the above URL. if you can use IP spoofing to change the 
URL listing in the "Location:" box of a browser.. i'd be fairly impressed.

after thinking about it a bit more than i really wanted to.. i don't see how
an applet can get around only being able to connect to www.foo.com.

jeff

