a fun new tool from us...

["Marcus J. Ranum" <mjr () nfr net>]

Greetings -

        I've recently completed development and testing on a new
tool which you can download from our website. It's a lightweight
intrusion/scan detection agent for UNIX and Windows. Specifically,
it's targetted at getting an idea of how much Back Orifice traffic
is out there, and how often people are scanned (answer so far: a lot,
and often) We (law enforcement, me, and a few friends) have already
used it a couple times to bust script-kiddies. It's really useful
as an educational tool for those who think that they're safe or
not a target if they stay dialed-up to the Internet all day. I'd
love to hear any results from a cable-modem connected user, to see
if hackers are scanning there yet or not.

        Source code for a UNIX version is on our web site, along
with a Win-32 executable that has a cool GUI and also detects
port scans and can act as a spoofing server to record Telnet
login attempts, etc. For more information see:
http://www.nfr.net/bof

mjr.
(PS - to those of you on the list who were beta-test subjects: thank
you all!)
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr