Hacker News new | past | comments | ask | show | jobs | submit login

I'm no expert but shouldn't servers be behind some sort of firewall so they won't download code (or anything else) from random remote machines? Why would a server need unfettered access to the outside internet during standard operations?



They should, but they often aren't. Also, even if they are, this can be exploited with a port number the attacker picks. So unless you specifically whitelisted what outbound hosts your machine can reach and only those (which is rarely done and not always possible), it isn't likely to help.


Maybe that server needs to talk to other servers on the internet.


Updates.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: