Firewalls: Re: How to pass protected firewalls?

Firewalls
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Re: How to pass protected firewalls?
From:	Don Lopez <lopez @ discoverbrokerage . com>
Organization:	Bay One Technologies Group
Date:	Thu, 19 Feb 1998 08:08:18 -0800
To:	Bart Sibon <Bart_Sibon @ nl . coopers . com>
Cc:	Firewalls @ GreatCircle . COM
References:	<862565B0 . 0047D48B . 00 @ internet-503 . interliant . com>

Bart Sibon wrote:
> 
> Does somebody know if there are websites with hostile java scripts or
> people who are specilized in hostile java scipts?
> 
> I am looking for java scripts which pass firewalls even when they are
> protected.
> 
> Are there more possibilities to pass protected firewalls? Specific remote
> commands for example.
> 
> Thank you,
> Bart
> --
Bart,

Take a look at http://www.rstcorp.com/javasecurity/links.html
There are examples of hostile applets and other interesting links to
Java security research.  There is also a pretty good book written by
Gary McGraw called Java Security:  Hostile Applets, Holes, and Antidotes
described at http://www.rstcorp.com/java-security.html

I would also recommend the Princeton CS Department's Java security work
at http://www.cs.princeton.edu/sip/pub/secure96.html

I think both of these will give you interesting insight into Java
security issues and possibly have example applets that exploit
firewalls.

Don Lopez

References:

How to pass protected firewalls?
From: "Bart Sibon"<Bart_Sibon @ nl . coopers . com>

Indexed By Date	Previous:	Re: Use the CISSP, Luke (was Re: Certifiying Security Auditors) From: Larry Kwiat <Larry . Kwiat @ gov . yk . ca>
Indexed By Date	Next:	Re: Use the CISSP, Luke (was Re: Certifiying Security Auditors) From: "Paul D. Robertson" <proberts @ clark . net>
Indexed By Thread	Previous:	Re: How to pass protected firewalls? From: Ken Williams <jkwilli2 @ unity . ncsu . edu>
Indexed By Thread	Next:	DNS on ATM From: "icakmakli"<icakmakli @ ykb . com>