Snort mailing list archives
Antwort: Re: Antwort: RE: Snort-Machine = Security Hole?
From: ks () schuricht de
Date: Thu, 12 Jul 2001 22:01:45 +0200
Hi Ramin,
Please help me understand this: if you don't have connectivity to the Internet (by means of the lack of default gateway, or blocking the Internet connectivity on the firewall, ...) how can a buffer overflow exploit, gives an attacker an active
If, for example, snort have an exploit that a packet with 42 byte length will cause a buffer overflow. The hacker now executes some code to set the default gateway... Or: If he cant set the default gateway, he use code to use the second nic (connected to you local network) to build a http-tunnel to his machine using your proxy... or...and so on :) I think there are several ways (also with cutted send :). Best regards, Kai. -- Abt. eBusiness / Entwicklung D. Schuricht GmbH & Co. KG http://www.schuricht.de _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Antwort: Re: Antwort: RE: Snort-Machine = Security Hole? ks (Jul 12)