[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: critical security vulnaribility fixed in Tor 0.1.2.16



Perhaps someone else has an answer for this.
Nothing in coderman's short answers have made this clear to me. The answers look rather confusing to me, sorry.
How could someone remotely access port 9051 on my computer protected by a physical firewall, when the firewall is blocking access to that port?

Someone else that knows more about this, please answer and explain.
What are the risks running a version pre 0.1.2.16 or pre .0.2.0.4alpha if a server/client is protected by a physical firewall?

Thanks,
Viking



coderman skrev:
On 8/4/07, vikingserver@xxxxxxxxx <vikingserver@xxxxxxxxx> wrote:
  
 So in order to get attacked and get the torrc file modified, you first have
to get infected by a worm, virus, malware or trojan horse that communicates
with localhost:9051?
    

no.


  
 There is no way that someone could directly attack me through port 9051
behind a physical firewall? Is this correct?
    

what do you mean directly?  your firewall protects against remote
connections, but direct connections can be made from localhost.


  
 If this is correct, then the chance of getting attacked behind a physical
firewall is very low, right?
    

no.

best regards,