Firewalls under the hood - UFW

This blog post aims to explain some of the inner workings of the “uncomplicated firewall” (ufw), which has been available for Ubuntu installations since 8.04 LTS and for Debian installations since 10. Before going into detail: ufw is not a firewall but a frontend for iptables. Iptables is in turn a frontend for the netfilter kernel module, which performs packet filtering within the Linux kernel. Therefore, all actions performed via ufw can be queried directly using the iptables command. …

Escaping from Mozilla Firefox in Restricted Environments

How to execute operating system commands by leveraging legitimate functions of Mozilla Firefox. Software environments in which users should only be able to perform a limited number of tasks often use kiosk applications to reduce the opportunities a user has to interact with the system. In many environments, only a few pre-defined applications are published to the user, like web browsers or POS software, depending on what the user needs to do. …

Network Security Implications of Host Models

This blog post is about a concept in network stacks called the “Host Model” and its implications for network security. It is important for both the offensive and the defensive side to know the differences between the host model paradigms and to be aware of the defaults used in common operating systems. In this blog post, the following 2 hosts will be considered: Host A eth0 IPv4 address: 192.168.100.1/24 MAC: 00:0C:29:6D:57:01 eth1 IPv4 Address: 10. …