|
Security Basics
mailing list archives
Re: Re: Attacking a machine on network.
From: sandeep.sandhu.in () gmail com
Date: 30 May 2007 00:44:19 -0000
Lets assume your machine is not a server, and is not "listening" on any TCP/UDP port. Since the machine is connected to
a network, there must be some network protocol being used by a network client software. That protocol or the client's
code could have a vulnerability which could be exploited.
For example, your anti-virus agent might be scheduled to setup a http, ftp or pop3 connection to find out if a new
anti-virus update is available for patching. This client could be misused by spoofing the anti-virus distribution
server and injecting malacious code into the binaries picked up by the anti-virus.
Your machine could also be setup to synchronise the internal clock by contacting public NTP servers, this could also
potentially be exploited.
Similarly, there are several malacious websites which try to exploit web-browser vulnerabilities. They being scanning a
client IP-address when they receive a browser connection. See the Microsoft Strider-monkey project for examples. The
honeyclient is another such example.
Regards
 By Date 
By Thread
Current thread:
- Re: Attacking a machine on network., (continued)
|
Intro
