From owner-freebsd-security  Sun Oct 10 19:26:50 1999
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2])
	by hub.freebsd.org (Postfix) with ESMTP id 4150314C2A
	for <freebsd-security@FreeBSD.ORG>; Sun, 10 Oct 1999 19:26:47 -0700 (PDT)
	(envelope-from brett@lariat.org)
Received: from mustang (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2])
	by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id UAA27694;
	Sun, 10 Oct 1999 20:26:29 -0600 (MDT)
Message-Id: <4.2.0.58.19991010202528.042c0b70@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 
Date: Sun, 10 Oct 1999 20:26:27 -0600
To: Brooks Davis <brooks@one-eyed-alien.net>,
	James Wyatt <jwyatt@rwsystems.net>
From: Brett Glass <brett@lariat.org>
Subject: Re: scanning of port 12345
Cc: Brooks Davis <brooks@one-eyed-alien.net>,
	"Nicole H." <nicole@unixgirl.com>, freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.GSO.4.10.9910101804350.16508-100000@orion.ac.hmc.edu>
References: <Pine.BSF.4.10.9910101900340.71027-100000@bsdie.rwsystems.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 06:10 PM 10/10/99 -0700, Brooks Davis wrote:

>Neither Netbus or BackOriface provide any machanisms for attacking a
>machine.

Not so. A remote sniffer is a great way to get passwords.

>   Netbus is sold just like any other remote monitoring and admin
>tool including several that cost thousands of dollars.  CDC (the authors
>of BO) have a webpage pointing out that there is almost no difference
>between their product that the Microsoft System Management Server.  

And you believe them?

--Brett



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message