Exploit-Dev Archives: [Fwd: INZIDER!]


Blue Boar (BlueBoarTHIEVCO.COM)
Fri, 19 Nov 1999 23:50:10 -0800


"Joe L. White" wrote:
>
> in the documentation for inzider, it clearly states that the program may need to be run more than once in order to detect all bound ports. i have found mixed results (inconsistent) as to how many processes are detected in each subsequent run of the program.
>
> original website for tool: http://www.bahnhof.se/~winnt/toolbox/inzider/
> current website: http://ntsecurity.nu/toolbox/inzider/
>
> from the documentation posted at the website:
>
> What is inzider?
>
> This is a very useful tool which lists the current processes in your Windows system and the ports each one listens on. It is written to work on Windows NT and
> Windows 9x, and I know of no other program which does what inzider does. There have been some stability problems on Windows 9x, which I thought were
> solved but were still left although not as frequent. In the new version (1.2) I have done a few changes to improve both stability and reliability. I guess there is
> still much left to wish for, but over all I think inzider is a success, and it's quite popular despite the problems. On Windows NT, inzider is still unable to check
> processes which are started as services. Yet, it's very useful - for example, check out this page about inzider vs. bo2k (Back Orifice 2000). Keep your eyes
> open in the future, there will most likely come new improved versions.
>
> How do I use this tool?
>
> Download the install program file and run it. The install program is created with the freeware (for non commercial use) GkSetup written by Gero Kühn. After
> installation, run inzider from the Start menu. It will take some seconds and then you will see a list of processes and which ports they listen on. Sometimes all
> processes aren't listed on the first try. If this happens, close the program and restart it. Repeat this until all processes are shown (which usually takes at
> most 2-3 tries). To minimize the risks of experiencing problems, please save all unsaved work before running inzider. Also close any valuable documents
> and similar that you have open. After you finish using inzider, reboot the system to guarantee its stability.
>
> also, an faq for the tool is posted here:
>
> http://ntsecurity.nu/toolbox/inzider/faq.shtml
>
> hope this helps,
>
> joe
>
> <<<>>>
>
> Please respond to BlueBoarTHIEVCO.COMInternet
> To: VULN-DEVSECURITYFOCUS.COMInternet
> cc:
> Subject: Re: INZIDER!
>
> Wolfgang Gassner wrote:
> >
> > INZIDER???
> >
> > This prog isn't working good, maybe it's a kind of new
> > Trojan or Virus!!!!!
>
> Any reason to suspect that, or is this wild speculation?
>
> > I tested it running Netbus and Back Orifice on it and it didn't
> > detect it!!
>
> ... Implying that you thought it was a carrier for Netbus or BO??
>
> >
> > It only gives some Information on Port 135, 139 ....
>
> Which is what it's supposed to do, right? Did it miss some ports?
>
> >
> > I believe the best and reliable way to determine which port is open
> > is netstat -an !!!
> >
>
> How about posting a comparison output from the two on your machine?
>
> BB
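
The comparison requested at the end of the thread, as an added example that is not part of the original messages or of inzider itself: it unions several runs of a process-to-port lister (the documentation says one run may miss processes) and diffs the result against `netstat -an`. The sample netstat text, the run data and its `(process, proto, port)` layout are constructed assumptions; inzider's real output format is not shown on this page.

```python
import re

# Constructed sample of Windows `netstat -an` output (not from the thread).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    10.0.0.5:139           0.0.0.0:0              LISTENING
  TCP    10.0.0.5:1042          10.0.0.9:80            ESTABLISHED
  UDP    0.0.0.0:31337          *:*
"""

# Constructed results from three runs of a process-to-port lister.
# The (process, proto, port) tuple layout is an assumption, not inzider's format.
RUNS = [
    [("rpcss.exe", "TCP", 135)],
    [("rpcss.exe", "TCP", 135), ("system", "TCP", 139)],
    [("system", "TCP", 139)],
]

LINE = re.compile(r"^\s*(TCP|UDP)\s+\S+:(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def netstat_listeners(text):
    """Return {(proto, port)} for TCP LISTENING sockets and bound UDP sockets."""
    found = set()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # banner, column header or blank line
        proto, port, _foreign, state = m.groups()
        if proto == "UDP" or state == "LISTENING":
            found.add((proto, int(port)))
    return found

def compare(netstat_text, runs):
    """Union the per-process runs, then diff against netstat's listener set."""
    attributed = {}
    for run in runs:
        for proc, proto, port in run:
            attributed.setdefault((proto, port), set()).add(proc)
    listeners = netstat_listeners(netstat_text)
    unattributed = sorted(listeners - set(attributed))  # open, but no owner found
    stale = sorted(set(attributed) - listeners)         # owner listed, port not open
    return attributed, unattributed, stale
```

Ports left in `unattributed` after several runs are the ones worth investigating by hand, since netstat sees them bound but no run tied them to a process.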



This archive was generated by hypermail 2.0b3 on Sat Nov 20 1999 - 01:53:08 CST