mailing list archives
Re: Interesting idea for a covert channel or I just didn't research enough?
From: Jurjen Oskam <jurjen () stupendous org>
Date: Thu, 6 Oct 2005 19:35:09 +0200
On Thu, Oct 06, 2005 at 10:06:24AM +0100, PASTOR ADRIAN wrote:
Please, if you know anything related to backdoors intercepting
commands from log files send me some links. Ideas, comments and flames
are more than welcome :-) .
I myself use this method to open up the SSH port for a particular IP
address. When you try to open a particular URL on my website, you get a 404
because that document doesn't exist. The webserver logs this. A script in
the background sees in the log that this happened, and opens up port 22 to
the IP address which requested the non-existant URL.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/