On Mon, 3 Jul 2000, Christian ALT wrote:
> Trojan behind a firewall, information leak outside
> Trojan behind a firewall can diffuse information to IRC channels(Chat).
<snippage> or a homebrew listener on 31337, 80, 25, &c., .... You can even
tell ircd to listen to those ports so you don't have to be smart enough to
write your own listener. A packet filter or stateful inspection engine
isn't going to be able to stop this sort of thing, and a proxy (security
server or CVP or non-CPFW) is going to be of limited use unless you proxy
every single service that passes through the firewall.
Prevention is a lot more feasible than detection and cure. Tripwire is
your friend, as are read-only filesystems where possible.
Jack Coates, Rainfinity SE
t: 650-962-5301 m: 650-280-4376
> Christian ALT
>
> TLAnew information for security concerned people
> http://www.TLAnews.com
>
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
