¨Useful against networks that block incoming
connections but allow outgoing connections
¨Allows attacks to gain command-line
access to victim machine
–victim machine’s configuration need not
be modified
–No additional software needs to be
installed on victim machine
¨