mailing list archives
Re: Open All Outbound Ports?
From: <m2dzus () yahoo com>
Date: 10 Nov 2002 22:25:37 -0000
In-Reply-To: <FDEHJDIOOBLHLBCAOEJFMELFEOAB.billl () cyberbase7 com>
opening all outbound ports is a bad idea. classic example is here..
director of marketing takes laptop home.
director gets hacked via Trojan downloaded from non corporate mail.
director brings laptop back to work.
using netcat hacker sets up opens backdoor via a allowed port... and
out through a high port to avoid detection.
your firewall team wont see this if the port is open...
Sorry if this sounds basic but I can't seem to figure out how this example
would work? Please could you elaborate
Surely the trojan would alerady have to be running on a open port for the
hacker to connect to it in order to run netcat to setup a backdoor?
Re: Open All Outbound Ports? David Weinberg (Nov 12)
RE: Open All Outbound Ports? DeGennaro, Gregory (Nov 13)
Re: Open All Outbound Ports? James Lee Gromoll (Nov 16)