libpcap, vmware, firewall bypass

Discussion in 'other security issues & news' started by trojan, May 25, 2006.

Thread Status:
Not open for further replies.
  1. trojan

    trojan Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    123
    Location:
    london
    I read about this idea sometime ago and have seen a few linux apps / malware using this method , does anyone know how current windows firewalls would fair against this method. Basicly using the libpcap liabry to both send and recive data right under the firewalls nose lol , also simular things i belive can be done with virtual network adaptors like those created by vmware. has anyone seen any windows malware using these methods? :cool:

    Their is a good description of this method on the link below
    http://www.securityfocus.com/infocus/1831
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    This is year-old stuff.

    I would be more concerned with preventing something from "coming in 'over the top'" than worrying about it getting out.
     
  3. trojan

    trojan Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    123
    Location:
    london
    Thankyou for that detailed technical explanation Rmus your a credit to your creators:D
     
Loading...
Thread Status:
Not open for further replies.