Full Disclosure mailing list archives
Re: Global HIGH Security Risk
From: ^Shadown^ <shadown () bariloche com ar>
Date: Fri, 7 Feb 2003 01:16:34 -0300
Hi, I ask for apologize if I was unclear. I've seen many people who understood that "bypass" was the meaning of pass trough filtered ports, and I didn't wanted to say that. What I've wanted to say is that if a firewall is set up to stop reverse telnet techniques by closing all ports to let the server go to outside, and there were deleted gcc, vi, ed (anything that could be used as a text editor) and uudecode/uuencode (and other en/decoders), it wasn't enough to stop an attacker to upload (xploits, etc) and download files, and obviously execute then on the server. I saw many servers set up like this so I wanted to prevent everybody to this kind of attack. And I thought it was important enough to be posted. Again forgive me if I was unclear on what I've wanted to say. Best regards, ^Shadown^ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Global HIGH Security Risk, (continued)
- Re: Global HIGH Security Risk Jonathan Rickman (Feb 03)
- Re: Global HIGH Security Risk Benjamin Keller (Feb 03)
- Re: Global HIGH Security Risk Michael Renzmann (Feb 04)
- Re: Global HIGH Security Risk Benjamin Keller (Feb 03)
- RE: Global HIGH Security Risk bugtraq (Feb 03)
- Re: Global HIGH Security Risk David Howe (Feb 04)
- Global HIGH Security Risk phenethyl (Feb 03)
- re: Global HIGH Security Risk ^Shadown^ (Feb 03)
- Re: re: Global HIGH Security Risk David Howe (Feb 04)
- Re: re: Global HIGH Security Risk Jonathan Rickman (Feb 04)
- RE: Global HIGH Security Risk John . Airey (Feb 04)
- Re: Global HIGH Security Risk ^Shadown^ (Feb 06)
- RE: Global HIGH Security Risk Lance Fitz-Herbert (Feb 04)
- RE: Global HIGH Security Risk Jeroen Doorn (Feb 04)
- RE: Global HIGH Security Risk Jonathan Rickman (Feb 04)
- RE: Global HIGH Security Risk Melvyn Sopacua (Feb 04)
- Re: Global HIGH Security Risk Peter (Feb 04)
- RE: Global HIGH Security Risk Jonathan Rickman (Feb 04)
- Re: Global HIGH Security Risk Jonathan Rickman (Feb 03)
- RE: Global HIGH Security Risk Melvyn Sopacua (Feb 04)
- RE: Global HIGH Security Risk John . Airey (Feb 05)
- RE: Global HIGH Security Risk Jeroen Doorn (Feb 05)
- RE: Global HIGH Security Risk Melvyn Sopacua (Feb 05)