pc on private network with backdoor--can it be accessed?

[ftechguy]

The latest mydoom, beagle, netsky variants all seem to leave backdoors on the machines they infect. If such a machine is on a private network with private IP, can it still be accessed by the virus writers from outside the network (assuming no firewall)? If it can, how is it done?

And with that, if there is a firewall (at the gateway), would this effectively block the infected machine from both transferring the "i've been hacked" acknowledgement and any subsequent attempts by virus writers to use the back door?

 

[AlexIT]

Yes and no. The trojans actually connect to a (or many) pre-programmed IP address(es) so a firewall that allows outgoing connections won't stop the connection. Now the machine can be accessed through the trojan program, in effect placing a command where the trojan accesses it. It depends on your type of firewall how you can resolve this, but usually you deny in/out for all ports that you aren't using.

Alex

 

[ftechguy]

Ah ok, so it seems a firewall will become a completely essential device instead of just some useful security device to buy if budget allows. Well that's how times are now I guess. Thanks for the info, Alex!