Snort mailing list archives
Re: Fw: Latest libpcap & tcpdump sources from tcpdump.org contain a trojan
From: Edin Dizdarevic <edin.dizdarevic () interActive-Systems de>
Date: Thu, 14 Nov 2002 16:18:42 +0100
-> >> * It's important to note that it reuses the same outgoing >> connection for the shell. This gets around firewalls that block >> incoming connections. Using connection tracking _and_ allowing all outgoing traffic is not a really good idea, as far as I understand this. However, for personal purposes this may be the case, corporate firewalls should not allow this. Especially people having MS workstations should forbid this anyway. Regards, Edin_ -- Edin Dizdarevic -------------------------------------------------------This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Fw: Latest libpcap & tcpdump sources from tcpdump.org contain a trojan hackerwacker (Nov 13)
- Re: Fw: Latest libpcap & tcpdump sources from tcpdump.org contain a trojan Edin Dizdarevic (Nov 14)