Bypassing Firewall Rules Using a Different method Assume the following scenario As an attacker, you want to access a victim machine behind a firewall You realize that the victim is behind a firewall which is configured to allow outgoing web traffic ( TCP ports 8 0 , 4 4 3 ) , DNS ( UDP port 5 3 ) and ICMP All ingress traffic is denied by default The firewall rules cannot be modified Outline a method to allow access to the victim machine Demonstrate your method with screen shots specified below You can use any set of machines in your project Q 6 Briefly outline your method and the assumptions behind the method scenario State which machines are being used in the scenario, and their roles in the method You must also describe how the connection is made between the attacker and the victim ( 3 pts ) Ans Q 7 What are the limitations of your method For e g , the SSH tunneling in part 1 can be used to only exfiltrate data out of the Ubuntu machine, but not allow a shell to the attacker which could be a drawback However, it can work even if the victim is behind a NAT router an advantage ( 3 pts )

The Answer is in the image, click to view ...

Question: Bypassing Firewall Rules Using a Different method Assume the following scenario. As an attacker, you want to access a victim machine behind a firewall. You

Bypassing Firewall Rules Using a Different method

Assume the following scenario. As an attacker, you want to access a victim machine behind a

firewall. You realize that the victim is behind a firewall which is configured to allow outgoing web

traffic

(

TCP ports

80, 443),

DNS

(

UDP port

53)

and ICMP. All ingress traffic is denied by default.

The firewall rules cannot be modified. Outline a method to allow access to the victim machine.

Demonstrate your method with screen shots specified below. You can use any set of machines in

your project.

6

: Briefly outline your method and the assumptions behind the method

/

scenario

.

State which

machines are being used in the scenario, and their roles in the method. You must also describe how

the connection is made between the attacker and the victim.

(3

pts

)

Ans:

7

: What are the limitations of your method? For e

.

.,

the SSH tunneling in part

1

can be used to

only exfiltrate data out of the Ubuntu machine, but not allow a shell to the attacker

-

which could

be a drawback. However, it can work even if the victim is behind a NAT router

-

an advantage.

(3

pts

)

Bypassing Firewall Rules Using a Different method

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Programming Questions!

Assume the following scenario. As an attacker, you want to access a victim machine behind a firewall. You realize that the victim is behind a firewall which is configured to allow outgoing web...

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

Assessment item 4 back to top Managing Services and Security Value: 15% Due Date: 02-Oct-2018 Return Date: 22-Oct-2018 Length: 15 - 20 pages including screenshots Submission method options:...

I would highly appreciate your kind answers to the questions includedin the attached case study which was provided by my financial accouting professor. thank you. ISSUES IN ACCOUNTING EDUCATION Vol....

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Due Week 4: Work Breakdown Structure According to the PMBOK Guide, "the WBS is a deliverableoriented hierarchical decomposition of the work to be executed by the project team, to accomplish the...

W1: Freedom to Contract 350 words, Reference and cite .. Believe it or not, ideology is an important topic in the study of Contract Law. Please discuss what constitutes an ideology? Political beliefs...

Who is the customer? What is the customer's business? How does the customer make money? What are the primary costs for the company? What disruptions are facing the industry or customer? What are the...

Describe the three methods by which investors can make money with stock investments.

For n Z+ prove that if (n) = n - 1 then n is prime.

1 . Burlap \ & Barrel Spices is in its second year selling high - end, single origin spices and spice blends. Its products sell for an average of \ ( \ $ 2 0 \ ) per unit. In its first year, Burlap \...

12 Solve the equation If the equation has no real solution write no solution 6 C 12. Solve the equation. If the equation has no real solution, write "no solution".