On December 24, 2015 10:45:36 AM PST, Greg Freemyer
* stakanov@freenet.de
[12-24-15 07:18]: [...] Somebody who does not want to use "remote" at all. What can he do to un-install every remote package. The problem is that if you un-install openssh a lot of applications of kde seemed to complain. [...]
So don't "uninstall", just don't open the firewall ports.
No open ports, no external access. Now only physical access is a
On Thu, Dec 24, 2015 at 8:56 AM, Patrick Shanahan
wrote: problem. For completeness:
A modern malware attack often uses a reverse tunnel.
ie. malware gets on the machine via a phishing attack or an infected website.
Once on your machine it establishes outbound connections to a command and control site that tells it what to do.
No inbound connections are needed so a traditional firewall blocking incoming posts has no effect.
I would guess the majority of infections today happily ignore inbound firewalls.
Greg
If they are very sophisticated they csn hide outbound ports from some tools, probably not all. Using netstat you can look at all the outbound connections, and explain every one of those to yourself. Fairly easy to do on your own workstation, but quite a task on your gateway. -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org