Hacker 'Handshake' Hole Found In Common Firewalls

Advisories

Discover Firewalls News

Hacker 'Handshake' Hole Found In Common Firewalls

Some of the most commonly-used firewalls are subject to a hacker exploit that lets an attacker trick a firewall and get into an internal network as a trusted IP connection.
NSS Labs recently tested half a dozen network firewalls to evaluate security weaknesses, and all but one of them was found to be vulnerable to a type of attack called the "TCP Split Handshake Attack" that lets a hacker remotely fool the firewall into thinking an IP connection is a trusted one behind the firewall.

"If the firewall thinks you're inside, the security policy it applies to you is an internal one, and you can run a scan to see where machines are," says Rick Moy, president of NSS Labs. An attacker can then pretty much run wild in the network because the firewall mistakenly considers the IP address as a trusted one coming from behind the firewall.

The link for this article located at Network World is no longer available.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.