Penetration Testing mailing list archives

Re: [PEN-TEST] penetrating trojan


From: Simon Waters <Simon () wretched demon co uk>
Date: Tue, 5 Dec 2000 01:53:06 +0000

"Randall, Mark (ISSCalifornia)" wrote:

Why did I never encounter such a trojan? Am I missing
something ... has anybody heard of such attacks?

Makes the attacker vulnerable.  If the trojan made connections out, then the
attacker would be known upon discovery of the trojan.

I vaguely recall a program that posted sensitive Windows information on
affected machines to a newsgroup. I guess any broadcast or anonymous
medium would do.

https also has some advantages for this type of trojan - e.g. lack of
proxies/intermediaries, whilst highly likely to be available. No one
will bother looking/filtering the contents as it is supposed to be
encrypted.

I think DNS is least likely to be filtered, or require authentication to
initiate.

Of course there are fewer reasons with today's proxies why the end user PC
need have unrestricted access to the Internet DNS, but people seem to
have enough problems with configuring DNS to work correctly, let alone
not configuring it to improve security. Dynamic DNS could add another
twist.

Anyone know whether Lotus Notes usage of a separate name service was a
clever design decision, or just a result of historical accident?
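One way to look for the DNS channel the post describes from the defender's side, as an added example that is not part of the original thread: it scans a constructed resolver query log (the log format, the tunnel-example.net names and the thresholds are all assumptions) for base domains that receive many distinct, high-entropy leftmost labels, which is what encoded data in query names looks like next to ordinary hostnames.

```python
import math
from collections import defaultdict

# Constructed resolver query log ("timestamp client qname"); tunnel-example.net is invented.
SAMPLE_LOG = """\
2000-12-05T01:50:01 10.0.0.7 www.example.com
2000-12-05T01:50:02 10.0.0.7 mail.example.com
2000-12-05T01:50:03 10.0.0.9 0f1e2d3c4b5a69788796a5b4c3d2e1f0.t1.tunnel-example.net
2000-12-05T01:50:03 10.0.0.9 a1b2c3d4e5f60718293a4b5c6d7e8f90.t1.tunnel-example.net
2000-12-05T01:50:04 10.0.0.9 fedcba9876543210fedcba9876543210.t1.tunnel-example.net
2000-12-05T01:50:05 10.0.0.9 9a8b7c6d5e4f30211203f4e5d6c7b8a9.t1.tunnel-example.net
2000-12-05T01:50:06 10.0.0.7 news.example.org
"""

def shannon_entropy(s):
    """Bits per character: encoded payloads score far higher than real hostnames."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def base_domain(qname):
    """Last two labels (simplification: no public-suffix list handling)."""
    return ".".join(qname.rstrip(".").split(".")[-2:])

def parse_log(text):
    """Return (timestamp, client, qname) tuples, skipping malformed lines."""
    rows = [line.split() for line in text.splitlines()]
    return [(p[0], p[1], p[2].lower()) for p in rows if len(p) == 3]

def score_domains(records, min_unique=3, min_entropy=3.0):
    """Flag base domains receiving many distinct, high-entropy leftmost labels,
    i.e. data riding in query names rather than in connections a proxy sees."""
    per_domain = defaultdict(set)
    for _, _, qname in records:
        per_domain[base_domain(qname)].add(qname)
    flagged = {}
    for dom, names in per_domain.items():
        labels = [n.split(".")[0] for n in names]
        avg_ent = sum(shannon_entropy(l) for l in labels) / len(labels)
        if len(names) >= min_unique and avg_ent >= min_entropy:
            flagged[dom] = {"unique": len(names), "avg_entropy": round(avg_ent, 2),
                            "avg_label_len": round(sum(map(len, labels)) / len(labels), 1)}
    return flagged
```

Real resolver logs need the thresholds tuned against the site's normal traffic (CDN and anti-spam lookups also produce long, random-looking labels), so treat a hit as a lead for the DNS filtering the post argues for, not as proof.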

