Nice post, @devdevcharlie. I think people need protection at multiple levels. Reverse shells can be hidden in various resources and written in various languages.
It's particularly efficient, as firewalls won't block outgoing connections most of the time. If you are in a corporate environment, software and user restrictions are strongly recommended.
Reverse shells are hard to detect and stop, but there are good practices. So far, the following approach helps:
- block unused ports
- turn off all services, software, features you don't use
- monitor outgoing traffic, especially for shell commands
- vulnerability scans + pen-tests, as it happens after initial access
- security awareness and training to mitigate phishing
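
One way to act on the "monitor outgoing traffic, especially for shell commands" item, added here as an example and not part of the original comment: a Python check that reads `ss -Htnp` output and flags established TCP connections owned by a shell interpreter. The sample lines are constructed, and the `SHELLS` set, function names and severity rule are assumptions of this example.

```python
import ipaddress
import re

# Interpreter names treated as shells (assumption; extend for your fleet).
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "ash", "csh", "tcsh", "fish"}
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=(\d+)\)')

# Constructed sample of `ss -Htnp` output (documentation address ranges).
SAMPLE = """\
ESTAB 0 0 10.0.0.5:22 198.51.100.20:50122 users:(("sshd",pid=812,fd=4))
ESTAB 0 0 10.0.0.5:48822 203.0.113.7:4444 users:(("bash",pid=4121,fd=0),("bash",pid=4121,fd=1),("bash",pid=4121,fd=2))
ESTAB 0 0 127.0.0.1:40000 127.0.0.1:5432 users:(("sh",pid=900,fd=5))
ESTAB 0 0 10.0.0.5:51000 192.0.2.10:443 users:(("curl",pid=5000,fd=5))
ESTAB 0 0 [2001:db8::5]:40404 [2001:db8::99]:9001 users:(("zsh",pid=4300,fd=3))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=700,fd=3))
"""

def peer_host(endpoint):
    """Return the address part of 'host:port', handling [v6]:port and %scope."""
    host, _, _port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0]

def find_shell_sockets(ss_output):
    """Flag established, non-loopback TCP sockets held by a shell process."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6 or fields[0] != "ESTAB":
            continue  # not established, or no process info (ss run without -p/root)
        try:
            if ipaddress.ip_address(peer_host(fields[4])).is_loopback:
                continue
        except ValueError:
            continue  # unparsable peer address; skip rather than guess
        fds_by_proc = {}
        for name, pid, fd in PROC_RE.findall(fields[5]):
            if name in SHELLS:
                fds_by_proc.setdefault((name, int(pid)), set()).add(int(fd))
        for (name, pid), fds in sorted(fds_by_proc.items(), key=lambda kv: kv[0][1]):
            # A socket on stdin/stdout/stderr means the shell's I/O goes over the network.
            severity = "high" if fds & {0, 1, 2} else "medium"
            findings.append({"process": name, "pid": pid,
                             "peer": fields[4], "severity": severity})
    return findings

if __name__ == "__main__":
    for finding in find_shell_sockets(SAMPLE):
        print(finding)
```

On a live host, feed it the output of `ss -Htnp` run as root so that sockets owned by other users carry process information.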