Vulnerability Development mailing list archives

Re: INZIDER!


From: brain_master () HOTMAIL COM (BrainMaster)
Date: Fri, 19 Nov 1999 23:35:15 -0500


I'm running Inzider right now under nt4ws sp6. It can do tcp and udp.
I see it reporting several ports even as high as 50505 tcp. From what
I heard about it, it uses a spying .dll that tries to watch
winsock usage, but some programs don't work with it. It has detected
such things as sygate, netmeeting, I believe all the ports that
NukeNabber is watching (including several udp) but doesn't notice
programs like mirc or services.

Netbus1 uses 12345 tcp, netbus2pro usually is 20034 tcp. BO1 does use
31337 udp.

"When I tested it, my conclusion was that inzider looks for open
UDP ports and not TCP ports. The ports he mentioned (135, 139) are
UDP whereas I believe Netbus and BO use TCP ports."

I don't know about Netbus, but BO uses UDP ports. So if inzider
really does look for only UDP ports and it didn't pick up BO it's
likely that it doesn't scan higher than, say, 10000 or something.
Most scanners or diagnostics tools don't go that high simply
because it would take a while, and normally BO is put on 31337 or
some other equally high number. I would say try putting BO on a low
port number to find out. Since I don't know much about Netbus, it's
just a guess that the same thing is happening, but I really am not
sure since I don't even know which protocol Netbus uses.

