[EMAIL PROTECTED] wrote:
>
> John wrote:
> > [Can BO2K open connections through my firewalls?]
>
> If you are allowing inbound connections to the pc running B02K on the UDP
> port that BO2K server is listening for then the firewall will allow the
> connection. It's all in the firewall rules. If its allowed it gets through
> if its denied it gets dropped.
That wasn't John's question. He was asking if the BO2K client could
automatically open connections from the inside out, if configured to
do so.
The answer is: yes, probably. It would depend on what kind of
connection the trojan attempted to open, and what kind of communication
you allow from the inside out.
One could however safely assume that you allow your inside machines
to talk HTTP to the outside world. If the BO2K is fitted with a HTTP
tunnel plugin (I don't know if one exists, but it would be easy to
write), it could quite conceivably open connections from the inside
out.
Sure, the plugin would need to know what proxy to talk to
(you were running SOCKS?), but a smart enough trojan could simply
look up what your browser settings are, and behave the same way
a browser would. (This isn't quite as simple to do, but it is
still quite doable.) It all depends on how determined the
attacker is :)
Bottom line: if someone can install arbitrary software on your
machines and have it run, and if you allow any form of communication
with the outside world, you're pretty much out of luck.
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/ E-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
