Beware 'Brown Orifice'

Beware 'Brown Orifice'
Kevin Poulsen, SecurityFocus 2000-08-07

The latest in backdoor programs comes in through your web browser.

What ports does Brown orifice use, how can it be detected? 2000-08-08
Sean Boran (2 replies)

What ports does Brown orifice use, how can it be detected? 2000-08-08
morphon (at) yahoo (dot) com [email concealed]

What ports does Brown orifice use, how can it be detected? 2000-08-08
Henri Torgemane <henri_torgemane (at) yahoo (dot) com [email concealed]>

Re: Beware 'Brown Orifice' 2000-08-09
Lori Carrig (2 replies)

Re: Beware 'Brown Orifice' 2000-08-09
Bruce

Re: Beware 'Brown Orifice' 2000-08-11
netapi (2 replies)

IP not snatchable from IE? well sorta. 2000-08-11
henri torgemane

Re: Beware 'Brown Orifice' 2000-08-17
Orca_sniff

Please detail how a web-page can find your IP address behind a firewall. All firewall's I know do network address translation, so that "web page" is really only connecting through a firewall's designated port to a designated IP, not YOUR IP. Your browser may display your back-end IP as if it were output by the offending web page, but really it is generated locally on your box via a Java class. In any case, even if it displayed the back-end IP, connections from the offending web page would never do anything...10.x.x.x and 192.168.x.x are not routable.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/70/3057#3057