IJSIA Articles


HWFWBYPASS ATTACK ON PFSENSE

[ 30 Jun 2021 | vol. 15 | no. 2 | pp. 41-50 ]

About Authors:

Edgar Morán1, Octavio José Salcedo Parra2 and Juan Manuel Sánchez Céspedes
-1Faculty of Engineering, Universidad Nacional de Colombia, Colombia
-2,3Faculty of Engineering, Universidad Distrital Francisco José Caldas

Abstract:

This paper gives documentary evidence of the evaluation and implementation of PFSense’s [1] defense and protection mechanisms to avoid the HWFTBYPASS [2] (Hardware Firewall By Pass) attack which is implemented through Remote Desktop Protocol (RDP). PFSense is one of the most robust open network security software. To achieve the above, the part of the attack that corresponds to bypass the hardware firewall will be implemented, in such a way that it will be possible to infer whether PFSense is by default vulnerable or not, and in that case, the way of mitigation will be addressed. This document presents the evaluation performed to the PFSense firewall in order to execute the four step of the HWFWBYPASS attack, and, on this way to check the state of the art of the PFSense firewall, and just in case it is vulnerable by default, a mechanism to detect and mitigate this attack will be implemented.

Keywords:

PFSense, Remote Desktop Protocol, Hardware Firewall By Pass, Attack

 

About this Article: