I think that a possible solution of a remote attack against a host with all service ports closed is to use some ARP exploits. A few exploits were released in the past (many OSes fell prey to this including Linux, *BSD, routers and even Windows) but I can't point you to some recent ones. Try a search on Google with some subjects including ARP and exploit(s). Also browse the exploits on insecure.org or packetstorm...
regards, Seba > Hey there, > > I was just wondering. I know the rule is everything can be cracked. But can > anyone point me to info on how to crack something with no ports open or/and > perhaps tell me how that's called (so I can search...). To me it seems > impossible but I have a feeling that's a false sense of security and I'd > like to get a better understanding of this so I can take appropiate actions > on my servers. Also I think this knowledge will come in handy in the future > since I gotta write a firewall on linux for a DMZ and LAN set up in like a > week or so and I don't want to tell my boss that the webserver is the only > thing that can be cracked because that's the only service we run if that > ain't so, although the chance someone with that knowledge/expertise will > hunt us will probably be nihil. > > Kind regards, > > Ferry van Steen
