Hijack well-known ports

Giganews Newsgroups
Subject: Hijack well-known ports
Posted by:  mc…@asia.com
Date: 2 Apr 2004

I have a LAN with personal firewall installed on all workstations.
If the firewall rules for the worskstation are:
1. Allow all outgoing traffic
2. Allow incoming traffic if the remote port is 445

Scneario:
An intruder hacked workstation and hijacked port 445.

Question:
1. Is the scenario possible? i.e. Is it possible to hijack port 445 or
well-known ports (<1024)?
2. Will intruder allowed to access all workstation?
3. How should I modified the rules to increase security?

Thanks
Chris

Replies