Hi,
I ask for apologize if I was unclear.
I've seen many people who understood that "bypass" was the meaning of pass
trough filtered ports, and I didn't wanted to say that.
What I've wanted to say is that if a firewall is set up to stop reverse telnet
techniques by closing all ports to let the server go to outside, and there were
deleted gcc, vi, ed (anything that could be used as a text editor) and
uudecode/uuencode (and other en/decoders), it wasn't enough to stop an attacker to
upload (xploits, etc) and download files, and obviously execute then on the server. I
saw many servers set up like this so I wanted to prevent everybody to this kind of
attack. And I thought it was important enough to be posted.
Again forgive me if I was unclear on what I've wanted to say.
Best regards,
^Shadown^
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- [Full-Disclosure] Global HIGH Security Risk ^Shadown^
- Re: [Full-Disclosure] Global HIGH Security Risk yossarian
- Re: [Full-Disclosure] Global HIGH Security Risk Jonathan Rickman
- [Full-Disclosure] Global HIGH Security Risk phenethyl
- Re: [Full-Disclosure] Global HIGH Security Risk Michael Renzmann
- RE: [Full-Disclosure] Global HIGH Security Risk John . Airey
- RE: [Full-Disclosure] Global HIGH Security Ris... Melvyn Sopacua
- RE: [Full-Disclosure] Global HIGH Security Ris... ^Shadown^
- RE: [Full-Disclosure] Global HIGH Security Risk Lance Fitz-Herbert
- RE: [Full-Disclosure] Global HIGH Security Risk Jeroen Doorn
- RE: [Full-Disclosure] Global HIGH Security Ris... Jonathan Rickman
- RE: [Full-Disclosure] Global HIGH Security... Melvyn Sopacua
- Re: [Full-Disclosure] Global HIGH Security Risk David Howe
- RE: [Full-Disclosure] Global HIGH Security Risk John . Airey
- RE: [Full-Disclosure] Global HIGH Security Ris... Melvyn Sopacua
- RE: [Full-Disclosure] Global HIGH Security Risk Jeroen Doorn
