Atomic Secure Linux

All times are UTC - 5 hours [ DST ]




 Post subject: Allowing too much - what a fool!
Unread postPosted: Sat Oct 27, 2012 2:07 pm 
Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
I just discovered that through a slip-up, a machine that I thought was locked down was wide open.

For the purposes of this, pretend that our network range is 1.1.1.128/26.

We have a set of hardware nodes, each running a number of virtual machines each with their own IP addresses. We use APF as a firewall script on the VMs.


On one of the virtual machines - let's say 1.1.1.150 - I had set a firewall rule to allow, both as a source and destination IP, 1.1.1.128/26 for both incoming and outgoing packets. The idea was to make sure all the systems within the network could communicate with .150 without any problems.

This was done by adding "1.1.1.128/26" in APF's allow_host.rules file.

Haha! What a fool!

The point here is that 1.1.1.128/26 includes .150, and by not being specific about what I wanted to allow (e.g. I should have just allowed 1.1.1.128/26 as a source address by using s=1.1.1.128/26 in allow_host.rules), I was basically saying allow all from all for .150 (the machine I was trying to protect).

Stupid, stupid, stupid :-)

Luckily no harm was done. But it could have been very different! This is actually the second time I've done this too. You'd think I'd have learned from the first time!

_________________
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
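
An added example, not part of the original post and not APF's own code: a small audit that reads allow_host.rules-style entries and flags any entry whose range covers the host's own address without being limited to source matching. It assumes only the two entry forms the post mentions (a bare address or CIDR, and an `s=`/`d=` prefix); the function name and the sample rules are constructed for illustration.

```python
import ipaddress

# Constructed sample, using the post's pretend range.
SAMPLE_RULES = """\
# allow_host.rules (constructed sample)
1.1.1.128/26
s=1.1.1.128/26
10.9.8.7
"""


def audit_allow_rules(text, host_ip):
    """Return (line_no, entry, reason) for entries needing review on host_ip."""
    host = ipaddress.ip_address(host_ip)
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not entry:
            continue
        # Assumption: a bare entry matches as source AND destination,
        # as the post describes; s= / d= restrict it to one side.
        side, addr = "both", entry
        if entry[:2] in ("s=", "d="):
            side, addr = entry[0], entry[2:]
        try:
            net = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            findings.append((line_no, entry, "not understood; review by hand"))
            continue
        # By the post's reasoning, a destination match that contains this
        # host's own address allows traffic to it from any source.
        if side in ("both", "d") and host in net:
            reason = "%s covers %s as a destination; use s=%s" % (net, host, net)
            findings.append((line_no, entry, reason))
    return findings


if __name__ == "__main__":
    for line_no, entry, reason in audit_allow_rules(SAMPLE_RULES, "1.1.1.150"):
        print("line %d: %s -> %s" % (line_no, entry, reason))
```

Run it on each VM with that VM's own address; the same rules file can be clean on a host outside the range and wide open on a host inside it.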

