New NAT Slipstream attack vector
-
Does anyone know if pfSense is vulnerable to this type of attack? In their example they attacked a linux based router but it seems general enough that FreeBSD might be affected too.
https://samy.pl/slipstream/
It was released just a few days ago on Oct 31.
-
Hi,
Can you share more info about this attack ? (CVE, etc. ) ?
Thanks
-
The only info that I have is at the URL in my original post. It is HIGHLY detailed and informative. I do not know if it has been assigned a CVE yet.
-
I started reading it.
Sounds more like (one more) WebRTC issue than actually pure NAT problem.
I'll keep reading. -
Note the mentioning of ALG's
Afaik std pfSense doesn't use them.
Well you could install a few (FTP springs to mind)I'll be following this one
/Bingo
-
I would expect someone from Netgate to comment soon.
But this is "Hot off the press" , they might have to look at the github stuff first./Bingo
-
Seems to only affect things with ALGs, and pfSense doesn't really have any ALGs except for the FTP proxy and siproxd but those are more like proxies than ALGs.
Too soon to tell 100% but likely irrelevant to pfSense. If you're worried, remove the FTP Proxy/siproxd which you probably don't need anyhow.