libpcap, vmware, firewall bypass

Discussion in 'other security issues & news' started by trojan, May 25, 2006.

Thread Status:
Not open for further replies.
  1. trojan

    trojan Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    123
    Location:
    london
    I read about this idea sometime ago and have seen a few linux apps / malware using this method , does anyone know how current windows firewalls would fair against this method. Basicly using the libpcap liabry to both send and recive data right under the firewalls nose lol , also simular things i belive can be done with virtual network adaptors like those created by vmware. has anyone seen any windows malware using these methods? :cool:

    Their is a good description of this method on the link below
    http://www.securityfocus.com/infocus/1831
     
    trojan, May 25, 2006
    #1
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    This is year-old stuff.

    I would be more concerned with preventing something from "coming in 'over the top'" than worrying about it getting out.
     
    Rmus, May 25, 2006
    #2
  3. trojan

    trojan Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    123
    Location:
    london
    Thankyou for that detailed technical explanation Rmus your a credit to your creators:D
     
    trojan, May 25, 2006
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...