From owner-freebsd-isp  Wed Nov 29 19: 1:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail1.toronto.istar.net (mail1.toronto.istar.net [209.89.75.17])
	by hub.freebsd.org (Postfix) with ESMTP
	id 369EA37B402; Wed, 29 Nov 2000 19:01:53 -0800 (PST)
Received: from d141-117-39.home.cgocable.net ([24.141.117.39])
	by mail1.toronto.istar.net with esmtp (Exim 2.02 #1)
	id 141JzE-0006rF-00; Wed, 29 Nov 2000 22:02:16 -0500
Date: Wed, 29 Nov 2000 22:08:14 -0500 (EST)
From: Dru <genisis@istar.ca>
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>
Cc: John Howie <JHowie@msn.com>, freebsd-security@FreeBSD.ORG,
	freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
Message-ID: <Pine.BSF.4.21.0011292159290.5720-100000@genisis.istar.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:

> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?


Hi Jonathan,

These aren't FreeBSD specific, but here's my favourite links for port #s
and things to look out for:

http://www.robertgraham.com/pubs/firewall-seen.html

http://nethog.net/feeds/niteryder/trojans.htm

http://www.simovits.com/sve/nyhetsarkiv/1999/nyheter9902.html

http://www.portsdb.org/bin/portsdb.cgi

These might get you started.

Cheers,

Dru



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message