On Fri 31 Mar 2017 at 14:18:04 +0200, to...@tuxteam.de wrote:

> On Sat, Apr 01, 2017 at 01:00:45AM +1300, cbannis...@slingshot.co.nz wrote:
> > [...]
>
> > My understanding is that if there are no services listening on a port then
> > it cannot be accessed.
> >
> > e.g.
> >
> > http://serverfault.com/questions/733633/if-no-service-is-listening-on-a-port-can-a-system-still-be-accessed-using-that-p
> >
> > Am I missing something?

I rather thought cbannister had the correct idea: nothing listening;
therefore no access.

> As Dominik said: it's "defense in depth". If your PHP^H^H^H web application
> has some code injection issue, your adversary might well install a C&C
> server listening on that port, and work from there on (exfiltrate data,
> try some privilege escalation, whatever).
>
> Now there might be other avenues for that, but security is about closing
> the avenue your adversary is going to use next ;-)

If someone unauthorised is on your machine can they not just as well
remove firewall rules?

--
Brian.