General discussion


Cross infection of networks

By Kuryous1 ·
It has been suggested that two networks can't cross infect if a computer has access to both networks because the second network is controlled via router with inbound ports blocked and 1 outbound port open to select computers. Yet, there is Remote Connection setup. Confirm or deny? One network is protected, the second isn't.
The select computers can access both networks.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to Cross infection of networ ...

I am a bit confused here.

Based on what I read, or perhaps misread, the client is on one segment of the network. Another segment has a firewall device which doesn't allow any traffic in, but allows clients on that subnet out.

If it is blocking all traffic into it, then the client in the other subnet couldn't pass traffic to it.

Some further details would be of assistance.

Collapse -

by Kuryous1 In reply to Cross infection of networ ...

Basically, There's 1 standard network with Internet access. The second is a group of servers for Video recording. Can someone who had access to the 1st network, transfer any viruses to the second if only receiving video replay from those servers? There is Remote connection for maintenance. The point was made that because the video servers are behind a router, no viruses can infect it from any computer that had been on the first. Hope this helps.

Collapse -

by Kuryous1 In reply to Cross infection of networ ...

Point value changed by question poster.

Collapse -

by TG2 In reply to Cross infection of networ ...

It still depends on what kind of access is let through. Are the servers streaming from port 80 (http)?

If they are, then ANY HTTP VIRUS could make it to the server. The pc's that are allowed to connect would have to be infected with something that goes after web servers, but that's a given.

If the servers are streaming from some special port, and listen to non-standard ports, then an infection would have to be custom made to effect it.

Case in point, SSH. everyone (that needs to know) knows that SSH runs on port 22. So if a person writes a virus going after a specific version of ssh, they will look to connect to the ssh server on port 22. If you run your SSH deamon on a port OTHER than 22, you will not have to worry about the bulk of the worms written for SSH because the virus writer only wrote it to check for SSH on port 22.

This is why you'll find instructions at Symantec for changing the ports to PCAnywhere, and why microsoft also added the option to run Terminal Services on a port other than 3389 .. etc.. is any of it really secure? no.. but it generally defeats most worms if you move the service from a port they look at.

Collapse -

by Kuryous1 In reply to

Thanks....this should get us going.

Collapse -

by Kuryous1 In reply to Cross infection of networ ...

This question was closed by the author

Related Discussions

Related Forums