TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Is there even a unix version for Netbus. Last time I checked it was only for
Winhoes...sorry windows...
>From: Robert Zachary <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: RE: Netbus ?
>Date: Fri, 21 Jan 2000 15:44:39 -0600
>
>TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
>[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
>problems!
>----------------------------------------------------------------------------
>
>Keep in mind that they may be also running this as a daemon to lure script
>kiddies. I have done this myself. Do notify the victimsystem as a
>courtesy.
>
>Rob
>
>/------------------------------------------/
>Robert Zachary
>Analyst
>Information Security
>Tandy Information Services
>817.415.0675
>[EMAIL PROTECTED]
>
> > -----Original Message-----
> > From: Gary McIntyre [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, January 21, 2000 2:12 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Netbus ?
> >
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of
> > your message to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help
> > with any problems!
> > --------------------------------------------------------------
> > --------------
> >
> >
> > It certainly looks that way. I know of no legitimate
> > applications which
> > hold port 12345 open for sessions, besides NetBus. Have you
> > informed the
> > various victims of the problem?
> >
> > Gary McIntyre
> > Network Consultant
> > LGS Group Inc.
> > [EMAIL PROTECTED]
> >
> > This user's PGP Public Keys can be
> > obtained from certserver.pgp.com
> >
> > ----- Original Message -----
> > From: "Data_surge <[EMAIL PROTECTED]>@LGS"
> > <IMCEANOTES-Data+5Fsurge+20+3CGn0+40datasurge+2Ecom+3E+40LGS@e
> > -commerce.com>
> > To: "[EMAIL PROTECTED]"
> > <[EMAIL PROTECTED]>
> > Sent: Friday, January 21, 2000 2:40 PM
> > Subject: Netbus ?
> >
> >
> > >
> > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of
> > your message
> > to
> > > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> > > problems!
> > >
> > --------------------------------------------------------------
> > ------------
> > --
> > >
> > > Hey there all,
> > > Lately i have been scanning a number of host for record
> > purposes, and on a
> > > number of large isp and e-commerce sites i have found a
> > port open for
> > netbus
> > > the
> > > port is 12345 i did not beleive it at first and got my
> > port listing docs
> > > out
> > > to verify that it was something elese and on both counts it came up
> > > unverified.
> > > I can say safley say that the largest isp in my country has
> > been ifected
> > > with
> > > netbus. Here is one of the logs.
> > > Starting nmap V. 2.3BETA13 by [EMAIL PROTECTED]
> > ( www.insecure.org/nmap/ )
> > > Interesting ports on the url ? (a ip:0)
> > > Port State Protocol Service
> > > 21 open tcp ftp
> > > 22 open tcp ssh
> > > 23 open tcp telnet
> > > 25 open tcp smtp
> > > 53 open tcp domain
> > > 80 open tcp http
> > > 110 open tcp pop-3
> > > 111 open tcp sunrpc
> > > 443 open tcp https
> > > 12345 open tcp NetBus
> > >
> > > TCP Sequence Prediction: Class=random positive increments
> > > Difficulty=34403 (Worthy challenge)
> > > Remote operating system guess: FreeBSD 2.2.1 - 3.2
> > >
> > > Nmap run completed -- 1 IP address (1 host up) scanned in 65 seconds
> > >
> > >
> >
> >
> >
> >
>
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
