by beermonster
1638 days ago
From the article:
“.. a port knocking backdoor with multiple targets such as Solaris, Linux, FreeBSD, HP-UX, JunOS, OS X”

So this was far more reaching than Windows.

To answer what ordinary users can do: Against a well funded adversary hell-bent on getting access to your systems/data - probably not a lot! In the case of NSO group even a fully patched iPhone wasn’t going to help you.

However, on reading this article my first thoughts are if this method evades detection by not having a listening port that a network scan or locally using ss/netstat can detect, then perhaps you would still be able to benefit from egress filtering (only allowing outbound connections to things you need and blocking the rest). On a router most connections are through the router (FORWARD table) as opposed to directly locally originated and outbound (OUTPUT table).
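
The egress allowlist idea from the comment above, as an added example that is not part of the original post: a shell function that prints an iptables-restore ruleset with default-drop OUTPUT and FORWARD chains and a log line for anything denied. The destinations, the `br-lan` interface name and the log prefix are constructed placeholders.

```shell
#!/bin/sh
# Added example: print an IPv4 iptables-restore ruleset that allowlists egress.
# Entries are proto:destination:port; all values below are constructed
# placeholders (documentation-range addresses), not taken from the page.
ALLOW="udp:192.0.2.53:53 tcp:192.0.2.10:443 udp:192.0.2.123:123"
LAN_IF="br-lan"   # assumed name of the router's inside interface

egress_rules() {
    # $1 = allowlist, $2 = LAN-side interface
    echo "*filter"
    # INPUT stays ACCEPT only because this example covers egress;
    # merge with your existing ingress rules before loading.
    echo ":INPUT ACCEPT [0:0]"
    echo ":FORWARD DROP [0:0]"   # traffic routed through the box
    echo ":OUTPUT DROP [0:0]"    # traffic the box itself originates
    echo "-A OUTPUT -o lo -j ACCEPT"
    for chain in OUTPUT FORWARD; do
        # Packets belonging to flows that were already permitted.
        echo "-A $chain -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    done
    for entry in $1; do
        proto=${entry%%:*}; rest=${entry#*:}
        dst=${rest%%:*};    port=${rest#*:}
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad entry: $entry" >&2; return 1 ;;
        esac
        echo "-A OUTPUT -p $proto -d $dst --dport $port -m conntrack --ctstate NEW -j ACCEPT"
        echo "-A FORWARD -i $2 -p $proto -d $dst --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Everything else is logged (rate-limited) and then dropped by policy,
    # so an unexpected outbound connection leaves a kernel log entry.
    for chain in OUTPUT FORWARD; do
        echo "-A $chain -m limit --limit 6/min -j LOG --log-prefix \"egress-deny-$chain: \""
    done
    echo "COMMIT"
}

egress_rules "$ALLOW" "$LAN_IF"
```

Pipe the output to `iptables-restore --test` to confirm it parses before loading it; IPv6 needs an equivalent ip6tables ruleset.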
|
Well, you can - you just need to live a mostly offline life with few, highly hardened devices and enter your passwords under a blanket. Edward Snowden does manage, after all. But you'll have to skip on a lot of enjoyment - new software, games, even Netflix - forget it.
The real question is, is it worth it to you to live such a life? Probably not.