Vulnerability Development mailing list archives
[Fwd: INZIDER!]
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Fri, 19 Nov 1999 23:50:10 -0800
"Joe L. White" wrote:
in the documentation for inzider, it clearly states that the program may need to be run more than once in order to detect all bound ports. i have found mixed results (inconsistent) as to how many processes are detected in each subsequent run of the program. original website for tool: http://www.bahnhof.se/~winnt/toolbox/inzider/ current website: http://ntsecurity.nu/toolbox/inzider/ from the documentation posted at the website: What is inzider? This is a very useful tool which lists the current processes in your Windows system and the ports each one listen on. It is written to work on Windows NT and Windows 9x, and I know of no other program which does what inzider does. There have been some stability problems on Windows 9x, which I thought were solved but were still left although not as frequent. In the new version (1.2) I have done a few changes to improve both stability and reliability. I guess there is still much left to wish for, but over all I think inzider is a success, and it's quite popular despite the problems. On Windows NT, inzider is still unable to check processes which are started as services. Yet, it's very useful - for example, check out this page about inzider vs. bo2k (Back Orifice 2000). Keep your eyes open in the future, there will most likely come new improved versions. How do I use this tool? Download the install program file and run it. The install program is created with the freeware (for non commercial use) GkSetup written by Gero Kühn. After installation, run inzider from the Start menu. It will take some seconds and then you will see a list of processes and which ports they listen on. Sometimes all processes aren't listed on the first try. If this happens, close the program and restart it. Repeat this until all processes are shown (which usually takes at most 2-3 tries). To minimize the risks of experiencing problems, please save all unsaved work before running inzider. Also close any valuable documents and similar that you have open. After you finish using inzider, reboot the system to guarantee it's stability. also, an faq for the tool is posted here: http://ntsecurity.nu/toolbox/inzider/faq.shtml hope this helps, joe <<<>>> Please respond to BlueBoar () THIEVCO COM@Internet To: VULN-DEV () SECURITYFOCUS COM@Internet cc: Subject: Re: INZIDER! Wolfgang Gassner wrote:INZIDER??? This prog isnt working good, maybe its a kind of new Trojan or Virus!!!!!Any reason to suspect that, or is this wild speculation?I tested it running Netbus and Back Orifice on it and it doesnt detected it!!... Implying that you thought it was a carrier for Netbus or BO??It only gives some Information on Port 135, 139 ....Which is what it's supposed to do, right? Did it miss some ports?I believe the best an reliable way to determine which port is open is netstat -an !!!How about posting a comparison output from the two on your machine? BB
Current thread:
- Re: development of wordpad exploit, (continued)
- Re: development of wordpad exploit Larry W. Cashdollar (Nov 19)
- Re: development of wordpad exploit Taneli Huuskonen (Nov 19)
- Re: development of wordpad exploit Jason Paulson (Nov 19)
- Re: development of wordpad exploit Riley, Steven (Nov 19)
- Re: development of wordpad exploit Thomas Dullien (Nov 19)
- Re: development of wordpad exploit Harlan Carvey (Nov 19)
- Re: development of wordpad exploit Vanna P. Rella (Nov 19)
- Re: development of wordpad exploit Witold Chrabaszcz (Nov 19)
- Re: development of wordpad exploit Blue Boar (Nov 19)
- Re: development of wordpad exploit Rodrick Brown (Nov 19)
- [Fwd: INZIDER!] Blue Boar (Nov 19)
- Re: development of wordpad exploit Seth R Arnold (Nov 20)
- Re: development of wordpad exploit Witold Chrabaszcz (Nov 19)
- Re: development of wordpad exploit Larry W. Cashdollar (Nov 19)
- Re: development of wordpad exploit Aubrey Smith (Nov 20)
- Re: development of wordpad exploit Thomas Dullien (Nov 20)
- Re: development of wordpad exploit Dave Harvill (Nov 20)
- Re: development of wordpad exploit Pauli Ojanpera (Nov 21)
- Re: development of wordpad exploit Thomas Dullien (Nov 22)