> What kind of things can internal users do (inadvertantly or intentionally)
> to expose a network that allows incoming TCP packets destined for ports >1023?
> Can an intruder get in without inside help (either inadvertant or intentional)?
I heard a story this week. It seemed that one site setup filters to
permit port>1023 access, excepting X and openwin, and thought they were ok.
One user decided that he "REALLY" had to have access so he reset telnet
(or rlogin, I am not sure) to listen to a port equal to his phone
extention. (eg 4532.) This worked so well, that his buddies all had him do
the same for them. Now, each machine listened on a different port...
Need I say more?
BTW I talked to ANS about their solution for a firewall for X.
When you don't have DES encryption at both ends, their secure system
for X isn't. They don't like me anymore. ;-)