On Thu, Oct 06, 2005 at 10:06:24AM +0100, PASTOR ADRIAN wrote: > Please, if you know anything related to backdoors intercepting > commands from log files send me some links. Ideas, comments and flames > are more than welcome :-) .
I myself use this method to open up the SSH port for a particular IP address. When you try to open a particular URL on my website, you get a 404 because that document doesn't exist. The webserver logs this. A script in the background sees in the log that this happened, and opens up port 22 to the IP address which requested the non-existant URL. -- Jurjen Oskam _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
