kracksmith
join:2004-07-14
Fullerton, CA
| trojans and outbound policies
If i control what outbound i need like only permit port 80 and maybe 3389 outbound, do i need to worry about trojans?
which means if they some how installed a agent or trojan, they can't contact their server because my outbound is limited to only port 80 and 3389. which i can probably change the default port 3389 to something else. |
|
mysec
Premium
join:2005-11-29
| Your firewall may alert to an unauthorized application/port:
[Netsky worm]
However, Leaktests have shown that there are ways of bypassing some firewalls. For instance, code injection - piggy-backing onto the browser through port 80 - so that other means of catching outbound attempts may be necessary.
The best solution is to not let any malware install 
regards,
-rich
______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."
--Bruce Schneier |
|
