Anti-hacker Tool Kit: CH13 Port Redirection - PowerPoint PPT Presentation

About This Presentation
Title:

Anti-hacker Tool Kit: CH13 Port Redirection

Description:

For a packet to reach its destination, it must have a destination IP address and ... Implement port redirection techniques natively in Windows ... – PowerPoint PPT presentation

Slides: 20
Provided by: Yaki

Transcript and Presenter's Notes


1
Anti-hacker Tool Kit: CH13 Port Redirection
  • Jared
  • 04/03/31

2
Agenda
  • Introduction
  • Datapipe
  • FPipe
  • Case Study Port Hopping
  • Case Study Packet Filters, Ports, and Problems
  • Conclusion
  • Reference

3
Introduction
  • Port
  • For a packet to reach its destination, it must
    have a destination IP address and a destination
    port.
  • TCP/IP allows 16-bit port numbers.
  • Well-known port numbers: 0-1023
  • The Well Known Ports are controlled and assigned
    by the IANA and on most systems can only be used
    by system (or root) processes or by programs
    executed by privileged users.
  • Registered port numbers: 1024-65535
  • The Registered Ports are not controlled by the
    IANA and on most systems can be used by ordinary
    user processes or programs executed by ordinary
    users.
  • ms-sql-s 1433/tcp Microsoft-SQL-Server
  • ms-sql-s 1433/udp Microsoft-SQL-Server

4
netstat
5
datapipe
  • A port redirection tool passes TCP/IP traffic
    received by the tool on one port to another port
    to which the tool points.
  • Port redirection is protocol ignorant
  • Neither a client nor a server

6
datapipe
8
protocol ignorant
9
FPipe
  • FPipe
  • By Foundstone
  • Implement port redirection techniques natively in
    Windows
  • Adds User Datagram Protocol (UDP) and outbound
    source port number support, which datapipe lacks

10
FPipe (cont.)
12
Case Study Port Hopping
  • Local Redirection
  • Client Redirection
  • Dual Redirection

13
Case Study Port Hopping
  • Local Redirection
  • C:\>fpipe -l 22 -r 3389 localhost
  • ./datapipe localhost 3389 33

14
Case Study Port Hopping (cont.)
  • Client Redirection

spork is IIS exploit code written to run
against port 80
C:\>fpipe.exe -l 80 -r 7070 www.target.com
C:\>spork localhost
15
Case Study Port Hopping (cont.)
  • Dual Redirection

C:\>fpipe -l 1433 -r 80 <Host C>
./datapipe <localhost> 80 <Host D> 1433
16
Case Study Packet Filters, Ports, and Problems
  • Basic packet filters allow or deny traffic based
    on IP addresses and port numbers.
  • Linux's ipchains and Cisco routers
  • Source IP address
  • Source port
  • Destination IP address
  • Destination port
  • Source-port problems
  • ftp data connection
  • DNS
  • Use FPipe's outbound source port option (-s)
  • C:\>fpipe -l 3389 -r 3389 -s 20 192.168.0.116

17
Case Study Packet Filters, Ports, and Problems
(cont.)
  • Blocking Port Redirection
  • Host security
  • command-line access
  • Patch, configure, verify
  • Ingress filters
  • DENY ALL
  • Egress filters
  • Web server
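
An added example (not from the presentation or the tools it describes) modelling the source-port problem from slides 16 and 17: a filter that trusts source port 20 alone passes a redirected connection to port 3389, while a filter that only admits flows an inside client negotiated does not. The function names, the client and external addresses, and the client port are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src_port: Optional[int] = None   # None matches any value
    dst_ip: Optional[str] = None
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return all(want is None or want == got for want, got in (
            (self.src_port, p.src_port),
            (self.dst_ip, p.dst_ip),
            (self.dst_port, p.dst_port)))

def stateless_verdict(rules, p):
    """First matching rule wins; anything unmatched hits DENY ALL."""
    return next((r.action for r in rules if r.matches(p)), "deny")

def stateful_verdict(expected_flows, p):
    """Allow inbound data only for flows an inside client negotiated."""
    flow = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
    return "allow" if flow in expected_flows else "deny"

# Weak ingress policy: trusts the source port alone (FTP data, DNS).
WEAK_RULES = [Rule("allow", src_port=20), Rule("allow", src_port=53)]

# Constructed packets: a real FTP data connection to an inside client, and a
# connection that only borrows source port 20 to reach 192.168.0.116:3389.
FTP_DATA = Packet("203.0.113.10", 20, "192.168.0.50", 40021)
REDIRECTED = Packet("198.51.100.7", 20, "192.168.0.116", 3389)

# State a connection-tracking filter holds after the client's PORT command.
EXPECTED = {("203.0.113.10", 20, "192.168.0.50", 40021)}

def compare():
    """Map packet name -> (source-port rule verdict, tracked-flow verdict)."""
    packets = (("ftp_data", FTP_DATA), ("redirected", REDIRECTED))
    return {n: (stateless_verdict(WEAK_RULES, p), stateful_verdict(EXPECTED, p))
            for n, p in packets}

if __name__ == "__main__":
    print(compare())
```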

18
Conclusion
  • Ports are used in the TCP to name the ends of
    logical connections.
  • The port redirection tool is neither a client nor
    a server. It functions as a conduit for TCP/IP
    connections, not an end point.
  • A firewall or router access control list should
    be defined in as much detail as possible.

19
Reference
  • DATAPIPE: http://cvs.sourceforge.net/viewcvs.py/synce/htdocs/datapipe.c
  • Foundstone: http://www.foundstone.com/
  • RFC 1700 ASSIGNED NUMBERS: http://www.ietf.org/rfc/rfc1700.txt?number=1700