|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] weak linux firewall?
|
On Mon, Apr 01, 2002 at 09:54:26AM -0500, Samantha Samuel wrote:
> For reasons that are not important I have win2k on a partition. My
> firewall is a linux box that has only the following ports open.
>
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 80/tcp open http
> 139/tcp open netbios-ssn
> 515/tcp open printer
> 6000/tcp open X11
> 6004/tcp open X11:4
>
> When surfing the internet last night, I saw an ad that claimed my pc was
> insecure and had a snapshot of my hd, that had a pic of my folders and the
> size of my partition. Now this worries me. I know it was a pic of my comp,
> and not some generic pc because of this one folder I had.
>
> Does anyone have any thoughts on how someone could have gotten past the
> firewall and peeked into my machine?
>
> Thanks.
> --
> Samantha
> -------
Samantha:
Are you saying that you were browsing using I.E. running on Windows 2000
operating system? Is the Linux firewall on a separate computer?
Based on those assumptions, I'd say that they "got past" the firewall
by using vulnerabilities in the browser.
There is also a scam where they show you a page and it's got your
files on it... turns out the url for that page is like this:
file:///c:/
This will (on a windows machine of course) show you your files but
this does not mean that anybody else can see them.
Eric
--
# Eric Allan Lucas
# "Oh, I have slipped the surly bond of earth
# And danced the skies on laughter-silvered wings..
# -- John Gillespie Magee Jr.
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|
|