iptables rule to block FTP-NAT-Helper-Traffic
- From: Kevin Kempfer <usenet_spam@xxxxxxxxxxxxxx>
- Date: Wed, 26 Nov 2008 16:17:29 +0100
Hi everybody,
I just got aware of the FTP-NAT-Helper security problem. Here's what happens:
- I visit a page with a hostile java applet
- the applet calls home with what seems to be a legitimate FTP session
- the remote server responds with "sure, I'll send that data on port 5900" (which just happens to be the standard VNC port)
- the router opens port 5900 for that remote host to this local host, and that remote host now has access to a local port that it should not.
(dicussed here: http://www.linksysinfo.org/forums/showthread.php?t=54999)
Is there a way to block this kind of traffic? I tried some standard linux firewall GUIs (firestarter, gufw, guarddog) but none of them produced rules that block the evil traffic. Tested it using http://bedatec.dyndns.org/ftpnat/test.html
It still shows open ports which should not be reachable from outside my network.
What can I do to block that traffic?
Thanks,
Kevin
.
- Follow-Ups:
- Re: iptables rule to block FTP-NAT-Helper-Traffic
- From: Pascal Hambourg
- Re: iptables rule to block FTP-NAT-Helper-Traffic
- Prev by Date: Re: Ubuntu wireless networking problem since 8.10
- Next by Date: Re: Ubuntu wireless networking problem since 8.10
- Previous by thread: Throughput Formula
- Next by thread: Re: iptables rule to block FTP-NAT-Helper-Traffic
- Index(es):
Relevant Pages
|
