Ummm.. Aren't the virus writers already further along than this? I've seen a few recently that open up no ports. Instead the can tunnel their traffic as outbound HTTP traffic.
Think of GOTOMYPC.COM but packaged as a virus., and with more features. Remote control., remote key logging, remote install of software.. Firewall traversal over outbound port 80. Using Internet Explorer embeded ACTIVEx/JAVA controls so that ZoneAlarm et al silently pass this traffic.. These already exist. Maybe I'm missing the point. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] Behalf Of Christian ALT Sent: 2004, February 23, Monday 3:57 PM To: [EMAIL PROTECTED] Subject: [FW-1] Port Knocking While I was preparing soem news for our web site I reviewed the port knocking method for awakening a trojan. Although it is not relativ to VPN-1 I thought it would be interesting to let the list know of this concept that was discussed a while ago on slashdot. http://www.tla.ch/TLA/NEWS/2004sec/20040224PortKnocking.htm Christian ALT Telecom and Logistics Associates Network and Secuirty Company http://www.tla.ch --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.590 / Virus Database: 373 - Release Date: 16.02.2004 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= http://www.primeinc.com ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please reply to the sender of the message. The views expressed in this correspondence may not reflect the views of Prime, Inc. This footnote also confirms that this email message has been scanned for the presence of computer viruses. ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
