From owner-freebsd-security Sun Oct 10 20:33:45 1999 Delivered-To: freebsd-security@freebsd.org Received: from vasquez.zip.com.au (vasquez.zip.com.au [203.12.97.41]) by hub.freebsd.org (Postfix) with ESMTP id 2C06714C3D for ; Sun, 10 Oct 1999 20:33:40 -0700 (PDT) (envelope-from ncb@zip.com.au) Received: from zipperii.zip.com.au (ncb@zipperii.zip.com.au [203.12.97.87]) by vasquez.zip.com.au (8.9.2/8.9.1) with ESMTP id NAA05951; Mon, 11 Oct 1999 13:16:02 +1000 (EST) Date: Mon, 11 Oct 1999 13:33:28 +1000 (EST) From: Nicholas Brawn To: Brett Glass Cc: Brooks Davis , James Wyatt , "Nicole H." , freebsd-security@FreeBSD.ORG Subject: Re: scanning of port 12345 In-Reply-To: <4.2.0.58.19991010202528.042c0b70@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 10 Oct 1999, Brett Glass wrote: > At 06:10 PM 10/10/99 -0700, Brooks Davis wrote: > > >Neither Netbus or BackOriface provide any machanisms for attacking a > >machine. > > Not so. A remote sniffer is a great way to get passwords. > > > Netbus is sold just like any other remote monitoring and admin > >tool including several that cost thousands of dollars. CDC (the authors > >of BO) have a webpage pointing out that there is almost no difference > >between their product that the Microsoft System Management Server. > > And you believe them? The more powerful the remote administration tool, the more potential for abuse. Remote administration tools can be used by by legitimate and illegitimate parties for various tasks. It's almost like (imho) flaming the authors of tcpdump for making such a powerful sniffer. My $0.02 Nick -- Email: ncb@zip.com.au (or) nicholas.brawn@hushmail.com Key fingerprint = 71C5 2EA8 903B 0BC4 8EEE 9122 7349 EADC 49C1 424E To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message