Re: Exploit through firewall question

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo mr.nasty!

On Wed, 19 Jul 2006, mr.nasty@xxxxxxxxxxxxx wrote:

What would be the reason to test behind the firewall?

Lots of reasons. How about this one:

1. admin takes laptop home for weekend.

2. admin works at home, and while web serving gets infected with a
trojanC from a web ad.

3. admin returns to work and plugs his laptop in behind the firewall.

4. the trojan in admin's laptop downloads a rootkit, a port scanner
and a reverse shell.

5. the trojan installs rootkit to hide itself then scans the local net
for easy targets.

6. the trojan phones home with the reverse shell and uploads the
list of new found vulnerable hosts/ports.

7. hacker now has unlimited access to your network from behind the
firewall.

Happens ALL the time.

Some folks would call a network like yours an M&M network. Hard and
crunchy on the outside, but soft and chewy on the inside.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
gem@xxxxxxxxxx Tel:+1(541)382-8588

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEvnXJ8KZibdeR3qURArU6AJ9+iCD02fi1i2C1ATq21mvkgQ9MaACg0Qqj
05LSrecXFpaE52LSk8o50V8=
=bQu3
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@xxxxxxxxxx for details.
------------------------------------------------------------------------------

Relevant Pages

  • Re: Bleach and Spanish . . .
    ... what admin tasks does Apple prevent you ... DLL hell is also when DLLs magically get corrupted, ... if I leave the laptop ... Because the entire multitasking, protected memory operating system ...
    (rec.arts.anime.misc)
  • Re: Bleach and Spanish . . .
    ... what admin tasks does Apple prevent you ... the admin user account only when I have to do administrative tasks. ... DLL hell has been gone for, what, a decade now? ... if I leave the laptop ...
    (rec.arts.anime.misc)
  • Re: Someone figure out my mistake!
    ... >> Scanners: 7th Sphere and lots of bombers. ... >> a)Scanned the IP Address of my laptop. ... >> someone to activate the trojan in the victim's PC?? ... > say youre trying to hack your laptop, which means you would have known ...
    (alt.2600)
  • Re: Adding new users to a w2k server failure
    ... Is the laptop by chance XP Home Edition and not XP Pro?? ... Our network admin left on bad terms last week and is unavailable for ... I am the next best thing to an admin. ...
    (microsoft.public.windows.server.sbs)
  • Re: Access Denied - Old Desktop HD
    ... Administrator account is normally blank. ... Also See: Forgotten your Windows XP Home passwordhttp://support.microsoft.com/kb/894902/en-us ... new laptop comes. ... NO Admin access). ...
    (microsoft.public.windowsxp.general)
Quantcast