Ben Laurie[SMTP:[EMAIL PROTECTED]] wrote:
[EMAIL PROTECTED] wrote:
Jay D. Dyson writes:
-BEGIN PGP SIGNED MESSAGE-
On Tue, 27 Nov 2001 [EMAIL PROTECTED] wrote:
Hrm, how about a worm with a built-in HTTP server that
installs itself
on some
Derek Atkins [EMAIL PROTECTED] writes:
Hrm, how about a worm with a built-in HTTP server that installs itself
on some non-standard port, say TCP/28462 (to pick one at random)?
Too easy to detect. Encrypt the key in some key known only to the
attacker, and start leaking little bits of it in
Jay D. Dyson writes:
On 27 Nov 2001, Derek Atkins wrote:
Hrm, how about a worm with a built-in HTTP server that installs itself
on some non-standard port, say TCP/28462 (to pick one at random)?
Craftier still, backdoor an existing service that behaves normally
until it
[EMAIL PROTECTED] wrote:
Jay D. Dyson writes:
-BEGIN PGP SIGNED MESSAGE-
On Tue, 27 Nov 2001 [EMAIL PROTECTED] wrote:
Hrm, how about a worm with a built-in HTTP server that installs itself
on some non-standard port, say TCP/28462 (to pick one at random)?
On Tue, 27 Nov 2001, Ben Laurie wrote:
Yeah right - so it sets up an outgoing connection to some webserver to
pass on the info. Firewall that.
Easy, have your firewalling software keep a list of all the connections
you allow. Each time a connection to a machine not on the list occurs it
asks
