John has a proxy server on his network which caches and filters web access. He shuts down all unnecessary ports and services. Additionally, he has installed a firewall (Cisco PIX) that will not allow users to connect to any outbound ports. Jack, a network user has successfully connected to a remote server on port 80 using netcat. He could in turn drop a shell from the remote machine. Assuming an attacker wants to penetrate John’s network, which of the following options is he likely to choose?
A.
Use HTTPTunnel or Stunnel on port 80 and 443
B.
Use reverse shell using FTP protocol
C.
Use Monkey shell
D.
Use ClosedVPN
Explanation:
As long as you allow http or https traffic attacks can be tunneled over those protocols with Stunnel or HTTPTunnel.