Blaine Kahle said:
> Oh come on.... [snip] ...I now have
> the ability to execute arbitrary commands/software inside your network.

Yes, there are many things you can do because you've found a vulnerability
on a box on my network. The point I am making is that there is one fewer
thing you can do if I haven't allowed unnecessary incoming ports - you
cannot put up a listener. Listeners allow you to easily control the box
without making use of the exploit each time you want to do something. Most
times when you can execute arbitrary code with an exploit, it requires an
overflow (i.e. crash). While you're trying to figure out how to make your
trojan work, somebody is going to notice the server keeps crashing and
eventually patch it... hopefully with code that is no longer vulnerable.

If you do business on the Internet, you will be hacked. The point is to
slow down the attacker as much as possible so as to minimize the damage.
Allowing incoming connections to ports that do not have a specific process
listening is something that should be avoided.

-Mad


_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
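As an added example (not part of Mad's post, and not Valve's or HLDS's own code), here is the kind of default-deny inbound policy the message argues for, together with a check that compares the firewall allowlist against what is actually listening on the box. The port assignments are assumptions: sshd on tcp/22 and a single HLDS instance on udp/27015 with RCON on tcp/27015. The `ss` output fed to the check is constructed, not captured from a real host. The script prints the iptables commands rather than applying them, so the ruleset can be reviewed first.

```shell
#!/bin/sh
# Added example: default-deny inbound firewall for a game server host plus a
# listener audit. ALLOWED is an assumption about what should be reachable.
ALLOWED="tcp/22 udp/27015 tcp/27015"

# Print a default-deny INPUT policy. Review the output, then run it as root
# (for example: emit_rules | sh). Everything not listed in ALLOWED is dropped,
# so an attacker who gets code execution cannot simply bind a new port and
# reach it from outside.
emit_rules() {
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    echo "iptables -P OUTPUT ACCEPT"
    echo "iptables -F INPUT"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for svc in $ALLOWED; do
        proto=${svc%/*}
        port=${svc#*/}
        echo "iptables -A INPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Explicit final drop with logging so new listeners show up in the logs.
    echo "iptables -A INPUT -j LOG --log-prefix 'INPUT-DROP: '"
    echo "iptables -A INPUT -j DROP"
}

# Constructed sample of "ss -H -lntu" output (headerless listening sockets).
# tcp/4444 stands in for a listener nobody installed on purpose.
SAMPLE_SS='udp   UNCONN 0 0   0.0.0.0:27015 0.0.0.0:*
tcp   LISTEN 0 128 0.0.0.0:22    0.0.0.0:*
tcp   LISTEN 0 5   0.0.0.0:4444  0.0.0.0:*
tcp   LISTEN 0 128 127.0.0.1:25  0.0.0.0:*'

# Read ss -H -lntu output on stdin and print network-reachable listeners as
# proto/port, one per line. Loopback-only sockets are skipped because the
# firewall's lo rule covers them and they are not reachable from outside.
listeners() {
    awk '$5 !~ /^127\./ && $5 !~ /^\[::1\]/ {
            n = split($5, a, ":"); print $1 "/" a[n]
         }'
}

# Listeners that the allowlist does not cover: a forgotten service, or the
# attacker's listener the post talks about. Reads ss output on stdin.
unexpected_listeners() {
    listeners | while read -r l; do
        case " $ALLOWED " in
            *" $l "*) ;;
            *) echo "$l" ;;
        esac
    done
}

# Allowlist entries with nothing listening behind them: an open port with no
# process, exactly the hole the post says to avoid. Reads ss output on stdin.
unused_allows() {
    have=$(listeners)
    for svc in $ALLOWED; do
        printf '%s\n' "$have" | grep -qxF "$svc" || echo "$svc"
    done
}

# On a live host, replace SAMPLE_SS with: ss -H -lntu | unexpected_listeners
printf '%s\n' "$SAMPLE_SS" | unexpected_listeners
printf '%s\n' "$SAMPLE_SS" | unused_allows
```

With the constructed sample, the audit reports tcp/4444 as an unexpected listener and tcp/27015 as an allowed port with no process behind it; the latter should be removed from ALLOWED until RCON is actually enabled. Running the audit from cron against the real `ss` output turns the post's "somebody is going to notice" into something that happens on a schedule rather than by luck.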