Security Basics mailing list archives

Re: Finding hidden backdoors

From: gminick <gminick () bsd sim pl>
Date: Fri, 1 Aug 2003 18:37:14 +0200

On Fri, Aug 01, 2003 at 09:43:20AM +0800, Thomas Ng wrote:
[...]

However, has anyone encountered any backdoor where it runs a sniffer and
only does certain actions when it sees a pre-defined header.

Take a look at SA-door. 
 <http://cmn.listprojects.darklab.org/SAdoor.0.4.2.beta.tgz>

How to deal with these?

You should invest with some IDS system and hardening tools to counteract 
break-ins.

ps. ...and **PLEASE**, all of you, do not top post and cut useless quotes.

-- 
[ Wojtek Walczak - gminick (at) underground.org.pl ]
[       <http://underground.org.pl/gminick/>       ]
[ "...rozmaite zwroty, matowe od patyny dawnosci." ]


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RE: Finding hidden backdoors Michael Silk (Aug 01)
- RE: Finding hidden backdoors Daniel Cid (Aug 01)
- <Possible follow-ups>
- RE: Finding hidden backdoors Thomas Ng (Aug 01)
  - RE: Finding hidden backdoors Daniel Cid (Aug 01)
  - Re: Finding hidden backdoors gminick (Aug 01)
- Re: Finding hidden backdoors Daniel Cid (Aug 01)
  - Re: Finding hidden backdoors Tim Greer (Aug 01)
- Re: Finding hidden backdoors Matt Simmons (Aug 01)
- Re: Finding hidden backdoors Simon Smith (Aug 04)