Security Incidents mailing list archives

Re: Virus/trojan tunnel out from behind firewall?

From: Ryan Russell <ryan () securityfocus com>
Date: Mon, 25 Feb 2002 02:01:28 -0700 (MST)

On Sun, 24 Feb 2002, David Carmean wrote:

Have there been any cases of a trojan/virus/etc tunnelling out from
behind a firewall and thus providing an attacker a way into the
"chewy center"?


Sure.  All of the trojans that log onto IRC and await commands do that.
Others that download components from a website under the authors control
do that in a way, as well.

                                                Ryan


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Virus/trojan tunnel out from behind firewall? David Carmean (Feb 24)
- RE: Virus/Trojan tunnel out from behind firewall? Bill Royds (Feb 25)
- Re: Virus/trojan tunnel out from behind firewall? Rich Puhek (Feb 25)
  - Re: Virus/trojan tunnel out from behind firewall? David Carmean (Feb 25)
    - Re: Virus/trojan tunnel out from behind firewall? Rich Puhek (Feb 25)
    - Re: Virus/trojan tunnel out from behind firewall? Ben Efros (Feb 26)
  - Re: Virus/trojan tunnel out from behind firewall? Mike Shaw (Feb 25)
    - RE: Virus/trojan tunnel out from behind firewall? M.Verba (Feb 26)
- Re: Virus/trojan tunnel out from behind firewall? Ryan Russell (Feb 25)