Vulnerability Development mailing list archives
Re: INZIDER!
From: brain_master () HOTMAIL COM (BrainMaster)
Date: Fri, 19 Nov 1999 23:35:15 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm running Inzider right now under nt4ws sp6. It can do tcp and udp. I see it reporting several ports even as high as 50505 tcp. From what I heard about it is that it uses a spying .dll that tries to watch winsock usage but some programs don't work with it. It has detected such things as sygate, netmeeting, I believe all the ports that NukeNabber is watching (including several udp) but doesn't notice programs like mirc or services. Netbus1 uses 12345tcp, netbus2pro usually is 20034tcp. BO1 does use 31337udp.
"When I tested it, my conclusion was that inzider looks for open UDP ports and not TCP ports. The ports he mentioned (135, 139) are UDP whereas I believe Netbus and BO use TCP ports." I don't know about Netbus, but BO uses UDP ports. So if inzider really does look for only UDP ports and it didn't pick up BO it's likely that it doesn't scan higher than, say, 10000 or something. Most scanners or diagnostics tools don't go that high simply because it would take a while, and normally BO is put on 31337 or some other equally high number. I would say try putting BO on a low port number to find out. Since I don't know much about Netbus, it's just a guess that the same thing is happening, but I really am not sure since I don't even know which protocol Netbus uses.
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com> iQA/AwUBODYlAcdYNrqYZUdWEQKpIwCfWFNPN3SCiiKgTGwuwBpldo7nv7cAn0va c+bI6nCsBS90v+8rRcOTiI6T =2lx4 -----END PGP SIGNATURE-----
Current thread:
- Re: INZIDER! Wolfgang Gassner (Nov 17)
- Re: INZIDER! Blue Boar (Nov 17)
- Re: INZIDER! rotaiv (Nov 18)
- Possible DoS attack against Microsoft SQL Server 7.0 kbelian (Nov 17)
- Re: INZIDER! Ryan Permeh (Nov 18)
- Re: INZIDER! Joaquim Alfredo Da Costa (Nov 18)
- Re: INZIDER! Robert Joosten (Nov 19)
- <Possible follow-ups>
- Re: INZIDER! Martin (Nov 18)
- Re: INZIDER! Kotz (Nov 19)
- Re: INZIDER! BrainMaster (Nov 19)
- Re: INZIDER! Blue Boar (Nov 17)