New SubSeven Trojan unleashed

New SubSeven Trojan unleashed
Kevin Poulsen, SecurityFocus 2001-03-13

SubSeven 2.2 makes Back Orifice look tame.

You are not 'safe' 2001-03-13
Anonymous

Behind of firewall. 2001-03-13
marceloreyes (at) netscape (dot) net [email concealed] (3 replies)

Behind of firewall. 2001-03-14
Someone (2 replies)

Behind of firewall. 2001-03-15
youps (at) hotmail (dot) com [email concealed] (1 replies)

Actually, that's not right if the firewall is well configured, you must activate the "control IP forwarding" on the firewall, to disable routing until the firewall service is up and running.

The true problems with FW1 Checkpoint is that the DNS rules is enable by default from any source to any destination. So if you set the trojan port to 53, you will be able to connect to it (depends of course of the anti-spoofing features and the address plans of the private network)

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/171/4921#4921

Behind of firewall. 2001-03-16
mailsander (at) gmx.net (dot) no-s [email concealed]pam (1 replies)

Behind of firewall. 2001-03-16
Futien

Behind of firewall. 2001-03-25
Metallist

Behind of firewall. 2001-03-22
Karmic Resonance

Re: Behind of firewall. 2007-04-20
Anonymous

Safe? 2001-03-14
FS

Subseven is also an excellent legimate RAT... 2001-03-14
SilenceGold

Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
David Mills (1 replies)

Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
SilenceGold (2 replies)

MASTER PASSWORD? 2001-03-15
Concerned (1 replies)

MASTER PASSWORD? 2001-03-16
CL

RE: Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-16
CL