- Jan 3, 2012
- 9
- 0
- 18,510
I noticed an interesting attack on my fully patched windows 7 home premium system at the standard user level:
I don't know exactly how this was done, but I do have some traces (Keep in mind that I had disabled UPnP services beforehand):
1. Auto proxy checker had executed.
2. Teredo Tunneling and about 15 ISATAP tunneling adapters were created.
3. Malware successfully bypassed my two-way firewall and transmitted to the outside.
It looks like malware is able to successfully use ipv6 Teredo Tunneling and ISATAP tunneling to confuse my two-way firewall and use tunneling loops to send traffic outside. I had UPnP blocked, but they used tunneling tricks to bypass the firewall rules.
Because the use of tunneling loops bypassed my firewall rules I would like to permanently disable the actual services for VPN and tunneling on my Windows 7 machine. What services need to be disabled to make my Windows 7 machine absolutely VPN and tunnel proof?
Thanks
I don't know exactly how this was done, but I do have some traces (Keep in mind that I had disabled UPnP services beforehand):
1. Auto proxy checker had executed.
2. Teredo Tunneling and about 15 ISATAP tunneling adapters were created.
3. Malware successfully bypassed my two-way firewall and transmitted to the outside.
It looks like malware is able to successfully use ipv6 Teredo Tunneling and ISATAP tunneling to confuse my two-way firewall and use tunneling loops to send traffic outside. I had UPnP blocked, but they used tunneling tricks to bypass the firewall rules.
Because the use of tunneling loops bypassed my firewall rules I would like to permanently disable the actual services for VPN and tunneling on my Windows 7 machine. What services need to be disabled to make my Windows 7 machine absolutely VPN and tunnel proof?
Thanks
Facebook
Twitter
Instagram