[index] [text page] [<<start] [<prev] [next>] [last>>]
Page 28: 'Impersonating' existing protocols
Page 28

  
  'Impersonating' existing protocols
  Many firewalls look only at the port number
  Most firewalls only limit inbound access
  Most firewalls support much more than necessary
  SMTP, DNS, ping, etc
  Often, covert channels can simply use other open ports
      /usr/sbin/sshd -p 80
      /usr/sbin/sshd -p 443

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at SecureWorld Expo, 2003.

Presentation created using vim and MagicPoint.