Y
yves
Firewalls Can’t Secure Everything
With developing firewalls there still a hole that a hacker
can pass through.
A firewall filter Web pages, IP request but can’t filter
MAC address, hackers can prepare a packet that contains a
virtual IP’s MAC address that is trusted by the LAN or WAN
that the firewall is protecting it, of course after
tracing.
When converting IP to MAC Address the firewall will check
the packet then forward it to the DNS, after that, the DNS
will himself forward it to the ARP The ARP Then discovers
that this MAC address belongs to this IP that is trusted.
The Packet can contain a virus a worm a Trojan horse, a
data monitor, a key logger…
But usually when a hacker attempt to risk and do this, in
this situation the hacker prefer to send a patch that can
open a session between the destination IP and the Source
IP with a Port that is usually higher than 33,000.
So the hacker’s hand is now on the LAN and is monitoring
every thing, the intruder can
Control the administrator’s desktop by using TS (Terminal
Services) after cracking the password by using a key
logger or a data monitor. The most dangerous thing is
the “ Man In The Middle” this utility can modify data and
resend it after data spoofing!
Even the ISA firewall can’t control this so anyone tell me
does a firewall secure everything from professional
hackers there is always a way to enter, the wall could be
high but a huge storm might break it
So if you know what I mean there is no perfect security
till now and hackers can always find a way out, their goal
is always stealing information, data, or money
With developing firewalls there still a hole that a hacker
can pass through.
A firewall filter Web pages, IP request but can’t filter
MAC address, hackers can prepare a packet that contains a
virtual IP’s MAC address that is trusted by the LAN or WAN
that the firewall is protecting it, of course after
tracing.
When converting IP to MAC Address the firewall will check
the packet then forward it to the DNS, after that, the DNS
will himself forward it to the ARP The ARP Then discovers
that this MAC address belongs to this IP that is trusted.
The Packet can contain a virus a worm a Trojan horse, a
data monitor, a key logger…
But usually when a hacker attempt to risk and do this, in
this situation the hacker prefer to send a patch that can
open a session between the destination IP and the Source
IP with a Port that is usually higher than 33,000.
So the hacker’s hand is now on the LAN and is monitoring
every thing, the intruder can
Control the administrator’s desktop by using TS (Terminal
Services) after cracking the password by using a key
logger or a data monitor. The most dangerous thing is
the “ Man In The Middle” this utility can modify data and
resend it after data spoofing!
Even the ISA firewall can’t control this so anyone tell me
does a firewall secure everything from professional
hackers there is always a way to enter, the wall could be
high but a huge storm might break it
So if you know what I mean there is no perfect security
till now and hackers can always find a way out, their goal
is always stealing information, data, or money