FreeBSD Security Archives: Re: scanning of port 12345

Re: scanning of port 12345


Chris Williams (psiongeekspace.com)
Sun, 10 Oct 1999 22:43:17 -0400


> >Neither Netbus nor Back Orifice provide any mechanisms for attacking a
> >machine.
> Not so. A remote sniffer is a great way to get passwords.

Note: SMS includes a remote sniffer utility.

> > Netbus is sold just like any other remote monitoring and admin
> >tool including several that cost thousands of dollars. CDC (the authors
> >of BO) have a webpage pointing out that there is almost no difference
> >between their product and the Microsoft System Management Server.
> And you believe them?

It's not a matter of belief, it's a matter of fact. Having used SMS, it
does in fact have most of the same capabilities as BO. It's also easier
to install on a large number of machines without users' knowledge, and
harder to remove.
The only argument I can think of that you could make for SMS as a
fundamentally more 'legit' remote admin tool is that it uses the domain
security model for authentication. But, since SMS remote tools can be
run against a machine using the local admin credentials, which is to
say, without a valid domain login, even that point is pretty weak.

How in the world did we end up on this in freebsd-security, anyhow?




This archive was generated by hypermail 2.0b3 on Sun Oct 10 1999 - 21:40:35 CDT