Bugtraq mailing list archives
Back Orifice detection and removal
From: ia () ST-ANDREWS AC UK (The Late Ian Angles)
Date: Thu, 3 Sep 1998 20:28:02 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hey Everybody, I'm just back on the bugtraq list so apologies if anyone's already done this and we don't know about it.... One of my colleagues, Simon Smith, has written a Back Orifice detection and removal program called B.O.R.E.D (which stands for something less obscene than the working title...) and can be obtained from http://www.st-andrews.ac.uk/~sjs/bored/bored.html with a few explanations. Any (uh, most :-) comments and criticism will be appreciated (then deleted, restored from backup, printed off and recycled as firelighters) ian - - -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNe7tw238tEG3GXvhAQEQ/wQA0F9KcTMCY9s01QUCU4ijPda6YStOdIhi T+VMLsRiVoEECcsOVYl04Jc+JMrB59kCPZgVjQhTG2LZTfUtrbT7yuywVQTTIoWM 4DbVdd+o93AvsOrUlWQCNpUBtDieosDOcm4R1K++qHVlL+BWKLbn8VXQBuqb+b2X DSF/ZtyCdJk= =9egj -----END PGP SIGNATURE-----
Current thread:
- Borderware predictable initial TCP, (continued)
- Borderware predictable initial TCP racer-x () ALTAVISTA NET (Sep 02)
- Re: Borderware predictable initial TCP Aggelos P. Varvitsiotis (Sep 03)
- Web servers / possible DOS Attack / mime header flooding Laurent FACQ (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Vanja Hrustic (Sep 03)
- wwwboard.pl vulnerability bugtraq (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Rich Wood (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Daniel Leeds (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Lars Eilebrecht (Sep 03)
- Borderware predictable initial TCP racer-x () ALTAVISTA NET (Sep 02)
- Fwd: [ISN] Another BO detector that is actually a trojan Reuben Yau (Sep 03)
- Security Bulletins Digest (fwd) Piotr Strzy¿ewski (Sep 03)
- Back Orifice detection and removal The Late Ian Angles (Sep 03)
- Cisco Security Notice: PIX Firewall Manager File Exposure psirt () CISCO COM (Sep 02)