David Carmean wrote: > > Greetings. New to the list; have looked through a few months of > the archives and hadn't seen this come up: > > Have there been any cases of a trojan/virus/etc tunnelling out from > behind a firewall and thus providing an attacker a way into the > "chewy center"? Do you mean a trojan/virus that actively establishes a tunnel through SSH, etc to an outside machine as a method of bypassing a stateful firewall? Or do you just mean that a trojan/virus/etc has provided an opening despite the firewall? I'd also consider the gray areas in between, like worms/trojans that transfer into (passwds, etc) back through SMTP, HTTP, or IRC. --Rich _________________________________________________________ Rich Puhek ETN Systems Inc. _________________________________________________________ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 25 2002 - 15:14:17 PST