|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: actions to jump2.eudora.com
From: Bluefish (P.Magnusson) (11a
GMX.NET)Date: Mon Aug 28 2000 - 10:48:59 CDT
- Next message: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Previous message: Bluefish (P.Magnusson): "Re: os/2 shellcode?"
- In reply to: Peter Batenburg: "actions to jump2.eudora.com"
- Next in thread: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Reply: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> # Deny all TCP traffic to and from jump2.eudora.com (eudora backdoor)
> ${fwcmd} add deny tcp from any to 208.184.225.10
> ${fwcmd} add deny tcp from 208.184.225.10 to any
echo "ip_of_your_webserver jump2.eudora.com" >> hosts
(or) echo "127.0.0.1 jump2.eudora.com" >> hosts
(or) adding the same values to a cache'ing only DNS server
will ""solve"" this problem.
Experiments on how Eudora responds to a malicious server would be
interesting. Would seem like fooling users to run
"my_very_malicious_software.exe" would be rather trivial if you poison the
DNS.
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
- Next message: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Previous message: Bluefish (P.Magnusson): "Re: os/2 shellcode?"
- In reply to: Peter Batenburg: "actions to jump2.eudora.com"
- Next in thread: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Reply: Bluefish (P.Magnusson): "Re: actions to jump2.eudora.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]