Q

Promiscuous-mode sniffing backdoor

For the promiscuous-mode sniffing backdoor, won't all back-door traffic look like it's coming from the compromised machine?
No, because the backdoor can send its responses using spoofed messages. Therefore, all data looks like it's going to and coming from the address of the system without the sniffer. In fact, the sniffer is grabbing the traffic for the backdoor, and the backdoor is spoofing its replies.


For more information on this topic, visit these other SearchSecurity.com resources:
Webcast archive: Keeping the bad guys out -- defensive strategies revisited, with Ed Skoudis


This was first published in July 2002

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close