Results 1 to 8 of 8

Thread: Bypassing firewall

  1. #1
    Member
    Join Date
    Aug 2004
    Posts
    95

    Bypassing firewall

    An article at http://news.bbc.co.uk/1/hi/technology/3548035.stm, talks about chinese users bypassing firewalls.

    How do they do it? Any one can throw some light on to it?
    Is that methodology can be used in local network?

    Your help...please

  2. #2
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Its simple. Say the gov. bans all addresses ending in .com so what they do is they connect to a computer (say it ends with .edu) and then request info through that comp. That comp is out side of the controlled area so it can access the .com stuff when it relays the info back to the requesters the filters see it as .edu instead of the original .com becasue now it has a new sender. This is called using a proxie. "hackers" have used this for a long time to hide their IP addresses becasue the attacks look like they are comming from the proxie rather then comming from the actual attacker. Yes there are MANY free proxies available so it can be implimented on a lan. One was I have found to get around many school filters is to have somoene send you a link using www.tinyurl.com it converts the link into one from tiny url's domain which is not block (yet) so it tricks the filter into thinking it is a different page.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    oh and if anyone is trying to use that link take the comma off the end and it will work.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    Member
    Join Date
    Aug 2004
    Posts
    95
    I have a watchguard frewall installed.
    It prevents us from accessing many security sites. I tried with the same method you told with tiny, the firewall still blocks the connection.

  5. #5
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    Firewalls basically block ports,they block incoming request as well as outgoing requests(denying unknown application to access internet),they block in coming request from a perticular IP address,or from a range of IP addresses oe from a range of IP addresses other then specified.
    Suppose you find a buffer overflow in a web site and u have a exploit available for that vulnerability on internet which sends a revevse shell to IP address u specify you know that it is a working exploit but when you try to hack a web site it doesn't work out.Why?

    Because firewalls can be(and normally are)configured to block outgoing requests.so what happens when u use that exploit?
    Buffer overflow is exploited a shell is created and program tries to send it to a perticular port on a perticular IP address.
    But due to firewall it can't.

    Now about how to bypass firewall there are two well known mathods
    1)code injection
    2)DLL injection

    Take a simple and short explaination of code injection.There are two codes one that is used to inject the other code in any process's(that is allowed to access internet by default) memory space and the Other code that just does something like sending files or anything you want.

    So what happens?
    1) You are totally working in memory
    2) Once you inject your code in memory space of other process that code is also allowed to access internet as firewalls don't provide any protection at process level.

    References:
    http://phrack.org/show.php?p=62&a=13
    nobody is perfect i am nobody

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    maybe they know the secert of tinyurl, lol. It also dependson how the filters work. If it is blocking the URLS like my highschools did then this works. If it filtering by the "keywords" for the page then its much harder to do. The way we used to get around that was to build a personnel webpage and have a framein it for the page we wanted to see, that way we could go to our site without problems which coincedently had a frame that took up nearly the whole sceen with a blocked page.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  7. #7

    Post Firewall Basics

    can Anyone [gloworange]Put some light on how a firewall works[/gloworange] .Some time ago i installed Norton Internet Security and it had a default firewall thus blocking all network access but since the network is my part of computers only, there must be some way by which i can access my network files and bolck access to pcs outside the network connected to me by internet.Another thing is there how to bypass the firewall.I am not asking about any tools that do this.I am asking about the method how you do it.
    Also kindly tell me what good firewalls are there and their disadvantages and advantages.A link will be sufficient.
    Thank You

  8. #8
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Just ****ing google it.

    Norton Internet Security sucks.
    ZoneAlarm is good
    IpCop is even better if you have a spare computer lying around.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •