Penetration Testing mailing list archives
[PEN-TEST] port 12345
From: Justin Funke <jfunke () CENDIUM COM>
Date: Mon, 2 Oct 2000 13:46:12 -0500
Has anyone seen the Netbus trojan ported to a Novell server? Is it possible the gateway server is forwarding the port from an internally affected machine? I can see the port open but filtered on a friend's network but we cannot find why it is showing up. There is no IDS software emulating a honeypot so something must be infected somewhere on the internal WAN. A full scan of the internal network shows no infected machines. Thanks, Justin
Current thread:
- [PEN-TEST] port 12345 Justin Funke (Oct 02)
- Re: [PEN-TEST] port 12345 Erik Tayler (Oct 02)
- <Possible follow-ups>
- Re: [PEN-TEST] port 12345 Tonick, Mike (Oct 02)
- Re: [PEN-TEST] port 12345 Craig, Scott (Oct 03)
- Re: [PEN-TEST] port 12345 Bowman James (Oct 03)