[Snort-sigs] Reverse shell
aislingbrennan21 at ...2420...
Mon Mar 25 03:04:59 EDT 2013
Reverse shells allow access to internal systems without having incoming access to the network.
Reverse shells force an internal system to actively connect out to an external system.
Reverse shells can operate using any protocol/port combination that is allowed out of your network.
Netcat - any TCP/UDP port
Cryptcat - any TCP/UDP port with encryption
Loki & Ping Tunnel - ICMP
Reverse WWW Shell - HTTP
DNS Tunnel - DNS
Sneakin - Telnet
Stunnel - SSL
Secure Shell - SSH
Custom Reverse Shell
It is a method a hacker would use to access our systems that are behind a firewall.
More information about the Snort-sigs