Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 192)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 192

DNSserverthroughthefirewall.Iftheresultispositive,wecanstructureanattack

basedonport53relatedvulnerabilities.

OnepossibleattackoptionistouseTrojanhorse.AccordingtoDOShelp,TCPport53

isapopulartargetofTrojanhorseattack

63

. A toolthatcan beusedforthisattackis

BackOrifice.

BackOrificeis,inessence,aremoteadministrationtool.AccordingtoPCHelp:

“Itgives"systemadmin"typeprivilegestoaremoteuserbywayofthecomputer's

Internetlink.Whatdoesthismean?ItmeansthatifBackOrificeisrunninginyour

computer,aremoteoperatoranywhereontheglobalInternetcangainaccessanddo

almostanythingyoucandoonyourcomputerandsomethingsyoucan'tdoall

withoutanyoutwardindicationofhispresence.

BackOrificecanarrivedisguisedasacomponentofpracticallyany software

installation.Itcan beattachedtootherfilesorprogramsorrunonitsown. Itmustbe

run,byitselforbyanotherapplication.Ittheninstallsitselfinseconds,typically

erase s theoriginal,thenmayrunaspecifiedprogram.To theuserinstallingan

"infected"application,itwillappearthatallwentnormally.Butfromthatmoment

forward,yoursystemofferseasyandcomprehensiveaccessanytimeitisconnectedto

theInternet.”

64

With thistool,wecangaincontrolofthetargetedFW1installation.ForGIACto

workagainstthisrisk,coupleof thingscanbedone:

n Disablethedefaultport53option.

n SetuparulethatallowzonetransferonlybetweentheoffsiteDNSserverand

theonsiteone.Blockallotherzonetransferrequests.

n InstallBODetect

65

(aproductspecifically designedfordetectingBackOrifice

attacks) onthefirewall.

63

http://www.doshelp.com/trojanports.htm

64

http://www.nwinternet.com/~pchelp/bo/bo.html

65

http://www.cbsoftsolutions.com/Products/products.htm

1 2 ... 187 188 189 190 191 192 193 194 195 196 197 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 192