flat assembler
Message board for the users of flat assembler.

flat assembler > Projects and Ideas > [IDEA] FASM Firewall

Author
Thread Post new topic Reply to topic
Crukko



Joined: 26 Nov 2005
Posts: 118
Did someone is going to write a firewall with fasm???
Or did someone has got source of a "great" firewall??

I hope to find/write a FW that
1) permit authentication from any IP, and if you fail 3 times PW your IP will be disabled....
2) show/monitor ports activity...
3) your add Wink

Thx
Post 04 Jul 2006, 09:59
View user's profile Send private message Reply with quote
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
Post 04 Jul 2006, 10:23
View user's profile Send private message Reply with quote
comrade



Joined: 16 Jun 2003
Posts: 1123
Location: Russian Federation
look for an "ndis filter driver"
Post 05 Jul 2006, 07:05
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
0x4e71



Joined: 25 Feb 2004
Posts: 50
Crukko wrote:
Did someone is going to write a firewall with fasm???
Or did someone has got source of a "great" firewall??

Hmm, well there are the linux ones like smoothwall, astaro etc, you can look but at those but of course they are all very far (huge projets, high level languages et) from the Fasm spirit.
Nevertheless it's a really COOL project to do! And you can learn a lot about networking...

Crukko wrote:

I hope to find/write a FW that
1) permit authentication from any IP, and if you fail 3 times PW your IP will be disabled....

Heheh be VERY careful with this one, as it can make your system incredibly vulnerable. Anybody could spoof your provider's DNS server IP addresses then send you bogus authentications pertending to be that IP... if your f/w bans those IP's you are severely scr*w*d! Surprised

/L
Post 05 Jul 2006, 17:41
View user's profile Send private message Reply with quote
madmatt



Joined: 07 Oct 2003
Posts: 1046
Location: Michigan, USA
Completly off subject, but why is 0x4e71 your handle name? Confused
Post 05 Jul 2006, 19:43
View user's profile Send private message Reply with quote
0x4e71



Joined: 25 Feb 2004
Posts: 50
madmatt wrote:
Completly off subject, but why is 0x4e71 your handle name? Confused


Ehm Smile
It's a reference to:
http://www.freescale.com/files/archives/doc/ref_manual/M68000PRM.pdf
Code:
Integer Instructions
MOTOROLA M68000 FAMILY PROGRAMMER’S REFERENCE MANUAL 4-147
NOP No Operation NOP
(M68000 Family)
Operation: None
Assembler
Syntax: NOP
Attributes: Unsized
Description: Performs no operation. The processor state, other than the program counter,
is unaffected. Execution continues with the instruction following the NOP instruction.
The NOP instruction does not begin execution until all pending bus cycles have
completed. This synchronizes the pipeline and prevents instruction overlap.
Condition Codes:
Not affected.
Instruction Format:
15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
 0  1  0  0 1   1 1 0 0 1 1 1 0 0 0 1
    

That binary string is 4e71 in hex, so.. my favorite instruction Wink
/L
Post 05 Jul 2006, 20:34
View user's profile Send private message Reply with quote
dreamhack



Joined: 02 Jul 2006
Posts: 14
...so i posted a topic with a keylogger and now you want to make a firewall Smile
just do not make that firewall like someone did in win xp sp2, that can be 'hacked' with some lines of vbscript code Wink
Post 05 Jul 2006, 22:43
View user's profile Send private message Reply with quote
Crukko



Joined: 26 Nov 2005
Posts: 118
Boyz: I found usefull source...working on Wink

0x4e71:about DNS IP...did you (or anyone else) have any idea on how protect from this *bug* ???? Wink

I think the first step is to find and monitoring port and ip....
bye!
Post 14 Jul 2006, 09:52
View user's profile Send private message Reply with quote
Crukko



Joined: 26 Nov 2005
Posts: 118
0x4e71: thinking about DNS problem....if someone try to use that IP and send wrong PW for 3 times....also DNS IP will be disabled, so your PC will not have internet access anymore just until you reset the IP.....I think is not a problem, don't you?
Post 14 Jul 2006, 09:55
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
I am working on a bootable firewall written in fasm, much safer, to run on old PC.
Post 14 Jul 2006, 14:20
View user's profile Send private message Reply with quote
0x4e71



Joined: 25 Feb 2004
Posts: 50
Crukko: indeed, the problem is exactly that: not security in itself but a VERY easy way to denial of service attack you (no internet)... The solution is selective IP shunning, e.g. your firewall will not just ban ANY ip but will more intelligently select who is safe to ban and who could create problems (such as cutting you off the internet).... I believe one of the presentations at DEFCON 13 treated this subject extensively, I cannot remember which one though, all the mp3s and even the videos are available online so may be worth checking out anyway, (if I can remember exactly which one I'll post).

Cheers,

/L
Post 14 Jul 2006, 22:43
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2019, Tomasz Grysztar.

Powered by rwasa.