Firewall Wizards mailing list archives
Re: BO, netbus and so on...
From: "S. Jonah Pressman" <jonah () istar ca>
Date: Sat, 01 May 1999 22:34:37 -0400
Marcelo:
From my statistics and work in the area, it seems that BO is the
favourite of North American kids whereas NetBus is still the favourite of the Europeans - and, yes, the numbers and inferred ratios is very much in line with my research. Remember, Marcelo, with the newest vesion of NetBus, the perpetrator the port is not necesarily limited to tcp/12345 but is user defineable. Stay atop the underground literature and adjust your security tactics accordingly. Best Regards, Jonah Marcelo M. Sosa Lugones wrote:
Hello, These are some statics of NetBus/BO attacks from one of my border routers: Extended IP access list incoming-1 deny tcp any any eq 12345 (38540 matches) deny udp any any eq 31337 (125587 matches) deny ip 10.0.0.0 0.255.255.255 any (3849 matches) deny ip 172.16.0.0 0.15.255.255 any (2567 matches) deny ip 192.168.0.0 0.0.255.255 any (10138 matches) permit ip any any (93917505 matches) isn't it so much BO out there? is it normal? regards, -=marcelo=- Marcelo M. Sosa Lugones
-- __ __ / /___ ____ ____ _/ /_ S. Jonah Pressman __ / / __ \/ __ \/ __ `/ __ \ Project Manager, TD TCDFM / /_/ / /_/ / / / / /_/ / / / / BCE Emergis Inc. \____/\____/_/ /_/\__,_/_/ /_/ Financial Services _______________________________ Markham, Ontario, Canada ---------------- Home is where you hang your @ ---------------
Current thread:
- Re: BO, netbus and so on... S. Jonah Pressman (May 03)
- <Possible follow-ups>
- Re: BO, netbus and so on... Robert Graham (May 04)
- Re: BO, netbus and so on... Marcus J. Ranum (May 05)