Backdoors vs Port Forwarding

What's the best way to setup a home network? Why should I care about BGP?

Backdoors vs Port Forwarding

Post by Da_Costa on Thu Feb 20, 2014 6:26 pm
([msg=79564]see Backdoors vs Port Forwarding[/msg])

Hello...
I want some help with backdoors.

A Backdoor is a server application that allows a person to run shell codes on the machine with the server, right?

So, if i install this backdoor in a machine outside my network, i need that the PORT witch the server is bind is openned... By Port Forwarding?
In the case of business... the server is at DMZ, so i don't need the port forwarding?

Is this affirmations correct?

Thanks the help
Da_Costa
New User
New User
 
Posts: 5
Joined: Thu Feb 20, 2014 6:19 pm
Blog: View Blog (0)


Re: Backdoors vs Port Forwarding

Post by Goatboy on Thu Feb 20, 2014 6:52 pm
([msg=79565]see Re: Backdoors vs Port Forwarding[/msg])

Typically a DMZ will allow most if not all traffic. In the case of needing ports forwarded, that is one way to do it. You could also have it connect back to you or connect to a C&C center somewhere for commands. Port knocking could work as well, but at that point you probably have access to the router anyway and this is a non-issue.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2816
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Backdoors vs Port Forwarding

Post by Tentra on Thu Feb 20, 2014 9:40 pm
([msg=79567]see Re: Backdoors vs Port Forwarding[/msg])

You're correct. Like goatboy said, DMZ mode will send all unassigned traffic to a specific computer.

There exists an alternative known as a reverse shell, in which the attacker has a properly opened port on his machine and instructs the victim to connect to him, once the connection is achieved, it behaves like a normal connection. In my experience, this is the preferred way to do it, as there is nothing listing on the victims computer, which looks suspicious.
User avatar
Tentra
Poster
Poster
 
Posts: 161
Joined: Wed Apr 30, 2008 4:52 pm
Blog: View Blog (0)


Re: Backdoors vs Port Forwarding

Post by Da_Costa on Fri Feb 21, 2014 8:04 am
([msg=79569]see Re: Backdoors vs Port Forwarding[/msg])

PERFECT, that what i was thinking about...

So, the idea is:

The attacker is a server and the victim is the client. The server (attacker) can send shell commands for the client. That what you talking about?

But, sometimes, even the victim is the client, some firewalls alerts the victim that that's a port getting opened by an application... I have to search if that is some method that can stop or mitigate this.
Thanks all for the response.
Da_Costa
New User
New User
 
Posts: 5
Joined: Thu Feb 20, 2014 6:19 pm
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests