[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Corporate Virus Threats
- To: Bug Traq <bugtraq@xxxxxxxxxxxxxxxxx>, Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Corporate Virus Threats
- From: Terminal Entry <Security@xxxxxxxxxx>
- Date: Thu, 29 Jun 2006 09:13:36 -0500
<HTML dir=ltr xmlns:o = "urn:schemas-microsoft-com:office:office"><HEAD></HEAD>
<BODY>
<DIV id=idOWAReplyText7838 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>When the malicious code
writers build their viruses and Trojans why not code the threats to detect the
use of proxy servers and if used, connect through them.<SPAN
style="mso-spacerun: yes"> </SPAN>Working in Corporate America, most
firewall configurations block outbound TCP 80, as the proxies listen on
other non-standard TCP ports.<SPAN style="mso-spacerun: yes"> </SPAN>A
virus should first check to determine if a proxy is used and if so use that
proxy to download the malicious code, backdoor, etc.</DIV></DIV>
<DIV dir=ltr>
<DIV>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt">Thoughts…</P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"> </P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt">Terminal
Entry</P></FONT></DIV></DIV></BODY><!--[object_id=#peadro.net#]--><P>
<HR>
<EM><FONT face=Arial size=2>This email and any files transmitted with it are
confidential and intended solely for the use of the individual or entity to
whom they are addressed. If you have received this email in error please notify
the system manager. This message contains confidential information and is
intended only for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please notify the
sender immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. If you are not the intended recipient you
are notified that disclosing, copying, distributing or taking any action in
reliance on the contents of this information is strictly
prohibited.</FONT></EM></P></HTML>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/