attacker sends packets -> packets are dropped by firewall -> packets
properties are captured in logs -> backdoor reads logs and finds
encoded commands -> commands are executed
As a covert channel? .. no, it's a waste. Once you have the access to
set that up, you could establish any number of more efficient schemes.
As a way to do a "remote wake-up" though .. it might have some promise
.. but it still depends on too many other variables.