RE: what is the good way against reverse telnet?

["Liran Cohen" <theog () office artnet co il>]

In addition to snort, which may provide a pretty good idea regarding the attack (maybe even trigger a rule that will 
record some data...), in addition, you may install an application controll firewall (kerio personal firewall, 
zonealarm, ISS desktop protector ...) and find the malware installed on that server (take into account that if they 
hacked into one server, they may hack their way through to more sensitive information ).


Liran cohen 
Security and communication consultant
ArtNet Experts


-----Original Message-----
From: Monty Ree [mailto:chulmin2 () hotmail com] 
Sent: Monday, January 31, 2005 3:54 AM
To: security-basics () securityfocus com
Subject: what is the good way against reverse telnet?

Hello, all.

I have operated firewalled linux webhosting server.
But only input traffic is secured and outbound traffic is totally opened by firewall.

So some attacker attacked these servers using reverse telnet.
So is there any method in order to protect against reverse telnet?
Any method or solutions without prohibitting outbound traffic?

Thanks in advance.

_________________________________________________________________
전세계인이 함께하는 웹 메일 서비스인 MSN Hotmail을 만나 보세요.    
http://loginnet.passport.com/login.srf?id=2&svc=mail&cbid=24325&msppjph=1&lc=1042