Security Basics mailing list archives
RE: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojan program
From: "Mike" <mike () superiorholidayadventures ca>
Date: Tue, 3 Feb 2004 13:54:09 -0500
That looks like an internal "port to service" list. It's the same as what you'd see at: http://www.iana.org/assignments/port-numbers I really don't feel that you have the BackOrifice trojan installed. If you need to be sure, on a known clean machine, get TCPView or TDIMon from sysinternals.com and put it on a cd. Take that CD to your suspect computer to see if any ports out of the ordinary are open and listening. Mike Fetherston
-----Original Message----- From: Mr Babak Memari [mailto:memari () myrealbox com] Sent: Tuesday, February 03, 2004 7:26 AM To: security-basics () securityfocus com Subject: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice
trojan
program Hi I have found this file below in Outpost firewall Pro
2.0.238.3121(290) :
C:\Program Files\Agnitum\Outpost Firewall\Service.lst After opening it with Notepad I found a trace of "Back Orifice trojan program" : [udp] 7,ECHO,Echo 9,Discard,Discard 13,Daytime,Daytime 17,QOTD,Quote of the Day 19,Chargen,Character Generator 37,Time,Timeserver 53,DNS,Domain name service 67,BOOTPS,Bootstrap Protocol Server 68,BOOTPC,Bootstrap Protocol Client 137,NETBIOS_NS,NETBIOS Name Service 138,NETBIOS_DGM,NETBIOS Datagram Service 161,SNMP,SNMP (Simple Network Management Protocol) 162,SNMPTRAP,SNMPTRAP (Simple Network Management Protocol) 4000,ICQ,ICQ chat program 31337,BackOrifice,Back Orifice trojan program <<<=====NOTE Please
**
What is your Idea? I have downloaded it from agnitum.com . ----- Babak www.voidspace.org.uk/babak
------------------------------------------------------------------------ --
- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
any
course! All of our class sizes are guaranteed to be 10 students or
less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720
off
any course!
------------------------------------------------------------------------ --
--
--------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojan program Mr Babak Memari (Feb 03)
- RE: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojan program Joey Peloquin (Feb 04)
- Outpost firewall does NOT have Back Orifice trojan program Mortis (Feb 04)
- <Possible follow-ups>
- RE: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojan program Mike (Feb 04)
- RE: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojan program Shawn Jackson (Feb 05)