Home page logo
/

pen-test logo Penetration Testing mailing list archives

[PEN-TEST] Breaking SSH Listening Ports
From: MARC A KURTZ <marck () ESU EDU>
Date: Thu, 14 Sep 2000 15:03:18 -0400

(I hope this isn't off-topic)

We are looking into way to break a solution we have that uses SSH to forward local ports on a Windows box. It uses the 
option to only bind to 127.0.0.1

My question is, is a hacker able to "break" into the computer and send data to that loopback address and get the 
response? Is the loopback completely non-physical? In other words if a hacker injected 127.0.0.1 packets into the 
ethernet card somehow, would the card ignore them, or pass them to the IP stack?? Will the hacker be able to get the 
response if it gave one? We are also assuming there is no PcAnywhere or similiar software installed to take control of 
the mouse, keyboard and screen.

Thanks for any insight anyone can give me!

Thank you,
Marc Kurtz


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]