Vulnerability Development mailing list archives
Re: INZIDER!
From: rrpermeh () RCONNECT COM (Ryan Permeh)
Date: Thu, 18 Nov 1999 08:44:09 -0600
The NTRootKit is working on a drop in netstat trojan that will hide theese types of things. Netstat is not always going to be reliable, when used on it's own. You may want to start versioning and checksumming binaries now, or have a clean disk that contains unaltered code. (write protect it). Details can be gathered at www.rootkit.com(the trojaned netstat is a very small part of the overall project, and you may be interested in checking out other parts that may be interesting to this group). talis Wolfgang Gassner wrote:
INZIDER??? This prog isnt working good, maybe its a kind of new Trojan or Virus!!!!! I tested it running Netbus and Back Orifice on it and it doesnt detected it!! It only gives some Information on Port 135, 139 .... I believe the best an reliable way to determine which port is open is netstat -an !!!From: Marc Esipovich <marc () MUCOM CO IL> Reply-To: Marc Esipovich <marc () MUCOM CO IL> To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Open Port on Win98 box Date: Wed, 10 Nov 1999 07:19:10 +0200Get it here; http://ntsecurity.nu/toolbox/I got an email from Thomas saying the URL I gave wasn't working, an ftp serach yeilded this: 1 -rw-rw-rw- 237.3K 1999 Oct 25 ftp.kgb.ru/WinSock/inzider.exe 2 -rw-r--r-- 237.3K 1999 Oct 5 ftp.frontiernet.net/pub/users/dsf/inzider.exe Marc Esipovich. -- root is only a few clicks away...______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- Re: INZIDER! Wolfgang Gassner (Nov 17)
- Re: INZIDER! Blue Boar (Nov 17)
- Re: INZIDER! rotaiv (Nov 18)
- Possible DoS attack against Microsoft SQL Server 7.0 kbelian (Nov 17)
- Re: INZIDER! Ryan Permeh (Nov 18)
- Re: INZIDER! Joaquim Alfredo Da Costa (Nov 18)
- Re: INZIDER! Robert Joosten (Nov 19)
- <Possible follow-ups>
- Re: INZIDER! Martin (Nov 18)
- Re: INZIDER! Kotz (Nov 19)
- Re: INZIDER! BrainMaster (Nov 19)
- Re: INZIDER! Blue Boar (Nov 17)