Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking Music Sharing.

From: Scott Manley <djsnm () djsnm com>
Date: Mon, 15 Sep 2003 14:12:40 -0700
Snort rules and port blocking of non-essential services are all very well but they'll never stop anything - anyone remember the CDC's much publicised 'Peek-a-Booty' I remember them commenting that it was going to run over SSL on port 443 by default - after all which sysadmin is going to shutdown SSL traffic on 443? And since it's SSL you're not going to be able to sniff it.
I'm not sure if there are any more popular p2p apps that could get away with this trick, so it's not a real threat for the moment.
You might want to look at vulnerability scanners, detecting the running client on a host machine is a good possibility, although many p2p clients can operate without listening ports on every host. 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: