Flaw caused by default rulesets in many desktop firewalls under Windows

Several desktop firewalls for Windows, such as Tiny 
Personal Firewall 2.0 or ATGuard, and maybe others, allow 
DNS resolving by default. That allows reverse trojans to 
connect to a server on port 53 and send/receive commands 
and information without the user knowing it. The firewall 
permits any communication to any server on port 53 UDP. I 
wrote a small trojan in VB and tested it with Tiny Personal 
Firewall 2.0 and it worked.

Solution: change the default rules for DNS to a fixed host, 
for example the DNS server of the ISP or the DNS server 
in the local network.
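The following is an added example, not code from the original post or from either firewall vendor: a minimal model of a desktop-firewall ruleset that shows why the default "UDP/53 to any host" rule lets unexpected traffic out, how pinning the rule to one resolver changes the verdict, and how to audit a connection log for port-53 peers that are not the approved resolver. The resolver address, the log format and the log lines are constructed for illustration.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "udp" or "tcp"
    port: int     # remote port the rule applies to
    remote: str   # CIDR of permitted remote hosts; 0.0.0.0/0 means any host


def evaluate(rules, proto, dst_ip, dst_port):
    """First matching rule wins; unmatched traffic is denied (default-deny)."""
    for r in rules:
        if (r.proto == proto and r.port == dst_port
                and ip_address(dst_ip) in ip_network(r.remote)):
            return r.action
    return "deny"


# Weak default described in the post: DNS to any host on UDP/53.
DEFAULT_RULES = [Rule("allow", "udp", 53, "0.0.0.0/0")]
# Proposed fix: DNS only to the ISP or LAN resolver (constructed address).
RESOLVER = "192.0.2.53"
FIXED_RULES = [Rule("allow", "udp", 53, RESOLVER + "/32")]

# Constructed outbound-connection log in a hypothetical firewall log format.
SAMPLE_LOG = """\
OUT udp 10.0.0.5:1034 -> 192.0.2.53:53 allow
OUT udp 10.0.0.5:1035 -> 203.0.113.7:53 allow
OUT tcp 10.0.0.5:1036 -> 203.0.113.7:80 deny
"""
LINE_RE = re.compile(r"OUT (\w+) \S+ -> ([\d.]+):(\d+) (\w+)")


def rogue_dns_peers(log_text, resolvers):
    """Remote hosts that were reached on port 53 but are not approved resolvers."""
    rogue = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if (m and int(m.group(3)) == 53 and m.group(4) == "allow"
                and m.group(2) not in resolvers):
            rogue.append(m.group(2))
    return rogue


def replay(rules, log_text):
    """Re-evaluate each logged flow under a ruleset; returns (dst_ip, verdict) pairs."""
    out = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            out.append((m.group(2), evaluate(rules, m.group(1), m.group(2), int(m.group(3)))))
    return out
```

Replaying the same log under `FIXED_RULES` turns the second line's verdict into "deny", which is the effect of the fix the post proposes.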

cu
Chris (decoder)
