Snort mailing list archives
Re: deny default outbound (was Reverse shell)
From: Bennett Todd <bet () rahul net>
Date: Mon, 25 Mar 2013 13:02:47 -0400
2013-03-25T12:44 scastle () bouldercounty org:
Funny how some workstation suddenly using DNS or SMTP directly to the
outside is such a red flag...;) Indeed! It says something that the provided infrastructure for such protocols has worked so well, and been so available, that unplanned apps using them are sometimes, perhaps even often, tunneling illicit traffic, or trying to break legitimate uses. Spam had been a DoS attack ever since it was popularized by the reaction to the green card lawyers, and DNS's lack of security has been popular for amplification attacks, cache poisoning, and remote network mapping.
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Re: deny default outbound (was Reverse shell) Bennett Todd (Mar 25)
- Re: deny default outbound (was Reverse shell) Castle, Shane (Mar 25)
- Re: deny default outbound (was Reverse shell) Bennett Todd (Mar 25)
- Re: deny default outbound (was Reverse shell) Castle, Shane (Mar 25)