[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Blocking Music Sharing.

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Blocking Music Sharing.
From: Scott Manley <djsnm@xxxxxxxxx>
Date: Mon, 15 Sep 2003 14:12:40 -0700

Snort rules and port blocking of non-essential services are all very well but they'll never stop anything - anyone remember the CDC's much publicised 'Peek-a-Booty' I remember them commenting that it was going to run over SSL on port 443 by default - after all which sysadmin is going to shutdown SSL traffic on 443? And since it's SSL you're not going to be able to sniff it.

I'm not sure if there are any more popular p2p apps that could get away with this trick, so it's not a real threat for the moment.

You might want to look at vulnerability scanners, detecting the running client on a host machine is a good possibility, although many p2p clients can operate without listening ports on every host.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Blocking Music Sharing.
  - From: Todd Mitchell - lists

Prev by Date: Re: [Full-Disclosure] Blocking Music Sharing.
Next by Date: Re: [Full-Disclosure] new ssh exploit?
Previous by thread: RE: [Full-Disclosure] Blocking Music Sharing.
Next by thread: RE: [Full-Disclosure] Blocking Music Sharing.
Index(es):
- Date
- Thread