3 Nov
2001
3 Nov
'01
12:15
Hi! On Fri, 2 Nov 2001, Roman Drahtmueller wrote:
* The attacker must be able to connect to at least one open (unfiltered) tcp port.
Does this apply only to incoming connections, or to outgoing connects, too? (Yes I know, the wording implies the former...) In other words: am I safe (from external attacks) if the box offers no services to the Internet, but just to the intranet? And: does "able to connect" include connects that are immediately broken because of hosts.deny rules? Or does an attack require a more "permanent" connection? Bye, Martin