Penetration Testing mailing list archives
Re: [PEN-TEST] DOS Attack
From: Spy Fox <nebula_61 () HOTMAIL COM>
Date: Tue, 10 Oct 2000 15:47:35 EDT
Hack-A-Tack is a Trojan Horse program similar to BackOrifice and SubSeven. It consists of a client and server application. The server application is named "expl32.exe" and is usually copied to the Windows subdirectory and launched through the startup process. Once installed, the malicious user can take control of the infected PC and execute a wide variety of commands. TCP ports 31785, 31787 and UDP ports 31789 and 31791 are the default connection ports, although I believe the malicious user can modify this. Removal of this program requires knowledge of the Windows registry and REGEDIT. Look for an entry under the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" branch of the Registry. This program is usually delivered either through physical access to the PC, or via open NetBios access with shares enabled. Now the thing that confuses me about your post is the DOS attack on the IRIX system. Hack-A-Tack is designed for Windows 95/98 PCs, and to my knowledge has not been ported to any other OS. Best Regards - Todd Eastman www.spy-fox.com
From: "Craig T. Hancock" <craig () CHARLIE CNS IIT EDU> Reply-To: Penetration Testers <PEN-TEST () SECURITYFOCUS COM> To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] DOS Attack Date: Tue, 10 Oct 2000 09:42:09 -0500 Hello all I am doing some reasearch for a friend for a DOS attack on an IRIX 6.5 the attack from what I was told can be ported to an unix machine. So I am trying here this is the info that I have on the attack. It is called Hack a Tick. Hello all a machine that I administer has been involved in a DOS attack on my subnet. THe networking monitor group as told me that a person was connecting to my machine via prt 31789 which is a udp port that cause a huge amount of overhead on the network. The thing I don't understand is how is this attacked is cause also I don't understand how the person could have gotten in.
<snipped for space> _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Current thread:
- Re: [PEN-TEST] DOS Attack Spy Fox (Oct 10)