Date: Mon, 21 Dec 1998 21:09:24 +0500 (KGT) From: CyberPsychotic <mlists@gizmo.kyrnet.kg> To: Alejandro Galindo Chairez AGALINDO <agalindo@servidor.exsocom.com.mx> Cc: freebsd-security@FreeBSD.ORG Subject: Re: udp security Message-ID: <Pine.LNX.4.05.9812212103280.417-101000@gizmo.kyrnet.kg> In-Reply-To: <Pine.BSF.3.96.981220122653.3122B-100000@servidor.exsocom.com.mx>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---20771424-1675980187-914256563=:417 Content-Type: TEXT/PLAIN; charset=US-ASCII You may want to install this piece, and make it listen the ports which hackers try to attack. It will save these packs for latter analysis, so we could see what acrtually they are trying to do. My idea is that they probably got into via named, but well. Lets' see.. (I did this piece for kicking Win* Bo scanner dudes, the piece is not quiute secure probably, maybe vulneriable to DoS attacks, if you'd use a command (so don't)). But having those packets saved would help you to figure out what actually they try to do.. maybe they have implememented some kind of backdoor working over UDP. (well :) I did one myself, when played with a friend of mine, so :)) -- fygrave@tigerteam.net http://www.kalug.lug.net ---20771424-1675980187-914256563=:417 Content-Type: APPLICATION/x-gunzip; name="udplstn.1.0.tar.gz" Content-ID: <Pine.LNX.4.05.9812212109230.417@gizmo.kyrnet.kg> Content-Description: Content-Disposition: attachment; filename="udplstn.1.0.tar.gz" Content-Transfer-Encoding: BASE64 H4sIABJudjYAA+1be1fbSJbPv9KnqDiTRKaNsY0NiRn3NuGRpjsBFsgmvQmH I0slW4MseVUSj+nJd5/fvVWSZUPImT2b9MyOKwHLVbeqbt33vSpyfxqpLF57 9A2b6LY2N3vikRBic2P+07SWEBsb673uxsbmZleIdqe1sfFI9L4lUkXLVeam QjwKbkepeyW/CPe18X/Rlhv+v3UvZRBG3+R87RbY2f0y/9c73YL/vU5nHfxf 7xH/W98CmcX2b87/nZ3ByPPsJzv7b7Zfnw7E6u7x0eFrfOzuvXqHz/duFInV 0cgf2osgPGQfvfrldGCkqJkIL5lM3NjHk7yRXjOx3+zqabZtG6j+nxyaVBfF rLFt/cnZ2amL1aToEwUMBng+PZml6rbtRdKN+7aVTsRqIBbWs/9omv4rtUL/ T/a2d9/ufZs9vqL/0PyNQv+73U3W/1avtdT/79E+QmN96Yvhrdi5Hcr0WN16 4yQLPeHnaRiPhJJXMnUjcR3GmUxFHI7GmRJJINovX74Q57ZlWaEvXbUWhDdS 9S1Dp5+ycCTTTLqTZiwzggoid0IAli+v4jyKfooSz43Gicps+2zsxpdKZEnf Xi2bvYt1HP8vVz8NpR8kqU8r1QWeRCZVBuSatn2cp9NEydk82zobh0pEYZZF UkxD6UnClk6JM8BiwWol1+I2ybEduqNIepmYut6lzJQN80WHxohKJlJ4OIIb xmKapJlIYpqVionrjcNYNsURLZunSopsLFMpXPxkSaxs7JdQF/qxmmqI63Ho jQk48kUkM97dT2iaUKCKhhOOisMgCLOGyLypn0+mNg7suRnNdzPiQ70pXuWZ OMBSsQLZgQzoR+fDUhPhKpG6vPE4H5nDE69sfXpG4pqRUHkQACxIE8wSz8lq 43jTNAHzJkwCP1TgqhSXcXId08q2l0o5paFAuhmEQ02eOyfNU0IsVsDs/Rjx A3DL0hACBRJeAp6OpoSagOprKpxMI9kAae0kloYcaR6LMKMNfFcSEvAe1HGd xM8z4YyTqUwDiMttXWBbMclxhqlmOggbJynxDIhPQjBaSQ+IZbdz8yAlr/Iw 8oF6RbyMnGjK0O44RoRJPvH5TRjnN8I5+Vn0mq26mEZuBrGbiCGIj72G7jC6 tdWYD0Db08ExTTO9gFaQt2wMfitFopAm+TCC1JyNpd51jF2z68Q2C6xmISRB YY43hp7YTrteuGHbMrTRRIG6ZRmEEGRSMgo0F6Gc4JsbNQ0QjhKLKAG3QqI5 MLdZ/KfQ6kyQMN1qqSNZz/wkz5q206kb725bGjhybwXxfJoAko9jNKUhwuao qTVKSbBsiH5wyCsggJydQv7CKy0Mpay7vp+CJGusU9esOGC3R0N0kKbo1/Wy haJkiT2GJdAaGUBcEiAvlOfGMX2ilynXX0VgcJLHMfPZaq4VoQRtFOcTex88 cVlZCrL07dO9/xQYa85SETqMTHUHo6jCv0ohYL1GagYFYc2k/bF109Kte/5u 93h19cf2y06zvfGi2W522v32+gun01qvW4DrAujlq+6Lc2s/DcVhciU6m6L9 ot/p9tc32ZZWVuvdWa3dMau1H16t1+9sLK628X+wmh2UxCPCxeBW3z5Og5uS YjOCEWkqlML4/zSJyDYJRrNKoSawaL7cfLmx8WKz2+1trHe7zRlJbXvl8Ohs b0UvCF0dQZZgLGJS8yT2YVbCGEr/ixvnbnor2g3gutlqil/g02G/fFKDQEpI UngpbTY+Exln7NVIalj81VR6IfwbCWJTkDxgp1xBaLGRRxYwDMhnVF0EG0it dYVUKzgCD3oGGs36GM2GluYhdUIXYI1+hm6SzI9lNFVNlvOJNrS017UL/Zzh JyPyLwnNL09Aq1i6rd7XisH7fbFt7/y8ffh677SPR/stzMqu9ES7KyCy651+ 54X49fWZZru1cphkckVQjMR0YxMA9VMhprWbrYZxcez7PHjxEQjnDkMYE6s0 dEPJ2j1JCCahQ9w02MzH8to4E7gp2AU+1ympOcUKsFlmYQot/KawbetwbkZK axNaPFc4ZJ7jJOPwQPow/JazUi9SEk5I8owQpxCCTZWbpuEVLcDMpS0sZ+oq RV0Hx4WpktpYqWJnkhDahnet601gUkgx1rSU+GFKQCxbAXlDFpYCkQjRQ6Pw 1BmIZls8TsSF0LlGmCCFhMcTH4k5wg1ESbnUrOqRdnY7/dbLCqv2PuztVDHE pFCNmaTvlDviKGgIDwFNIc8zlNClKsf6ZYImVqeF0RQfV6/O8SsqDkhfUpEm CZ8RhKQDK+r1yvN9dNOROj8XNlt3rDtbz5om5H7cWMAmaXOB3iHRISGta9qz rSxy34JMjbHZ2pNplwHwa3h6qKzjJ1KRqk9caLlluWSQPFZb41l9LbZFTqtd LPx1QxsQmoONSG19CZkbaUHXOsvukoICiFbpKSFZq1fCsjAOXRgiFGmKE6ll hJYK44AUNiCBx69LDlVnZLNoq6nLSAQwVHCTWQK2OG/fnZ6JvQ8Hp2f14pwF ZoX1sazSmmAOcbdCeNC9Tb86otkkC8Gx1+PtN++3fzt9LEy8MuRwFRoGIwnY nAyKjkog62ThMbEqqSRL2TiFYJGgqHKOEqQp2rkXWT801CKb3SeaTihmmEGT K58gnMgpWresg+Pt3d0Ta5Wms1AUJy6E0KCLEMTTGM8UEtOhJx8+fGhWfojS k4aJhQsVMt809Ygkx0cnZ5VNv7ZnRUIx2fGhzwhl64UQlktX4hfY1KM8m0Je KmJLRBQqouQpui3UDrJ7LSkPIGOi47JkSgYKxJIkZN+hklHk/0UtxvsGe3wl /9/knN/UfzcQDcEXtdbby/z/e7QnsIBRDif9Z5i2MGmOf7RnXTk8SObP96lb tZbdTqW62w1KZvf0Jqx7d/qv3XChN/DiLJrvosh+vgcRDIxSthbG8/0uPNEa jXxtAZwoCoeLfVTrmOurldXJmm3TyUJP5Ei6RzGHhhmFtYPWlm2vIUCVgZtH mbhyoxxxycqaTSqeihWj/YM3R6/3D97sbRX9ZDRg9wfH2zu/XuwenJQDK8aS kuEdHL578wYj5a4MYhwObV0OwGzBTBFSZK8YK3mDhDAWV0kIc+amSl54E0RI bGfNVvWtOSgKjwjIOd0WKw0C1HD0CFCGoQiWcP8CzNx6QOr6AgFwEI4c6ijW yCkYcfS8yS2597r9OyIgNoCBA/bING3UOGbpi6fqH4pGanbtgYDkU4xx9k9C e6c5P3evq8KiVC+ikOBS3l4nqa/6vMynTHuwTxn5kjxbcFHGQxS5sBJJGiKw ICdqppMnmptc8TVFxWjRuWCqaBiibSFYteRNmDltkPazbRP/J24YOxxhpSOv 5DS+XBGR9fdhHnx89W7/9OC/935on0PASEcugAMeWbChsIHfQJbXoP3pk3RV YRyyPqcDnBVvscBDhXJPTyYSXFCall7RY8OLMvrE8vZMFh3GkDHjAYRrjpHt +pzs8PCTMECSGQhdDhEM7XoeCO0UgeH7i6Nf6+LZM/F4YWCfBuqYJKzfxaKY 7SAUJffLwSSFBWZW/6n6FItaw3wFEpaVSsTWiI7b9OXz/VjozcAacWer927K tYkyJqDAlTcHF1XWBHPprMRW/HqCrDoMeJNiD2M19Enr4nc+0uIuJlAkVdVl vCK6hCaZvIXO6g4jSYKILLFh1qUzVo8IkZonOx2XwlkHmxvA1paATAQ6lfFD eAXIWIgQakRno5rQKE1yaBhExBJeBO46LdrIPLcrzx1+VkA+9B1+zieuujTw VM8qqXx08f7k6PDNb387utg52ds+w+f28fHe4S7o//Zod49n+PnUzDVPhCrF 01hFcf6po3kd4JqcHXgaylusF86zjJfAVB0wEiTXm6DgsU6MJR+vrHcYhtRW B09VreEqj9fhanexYp3XDIIoV2PH5BTUA147Wv3EQGjH6WzvXxwc7p01To/I V7w+2X7baNXrg8Fqm0QAsjIF35PUqWn4fo1ltWAQMVJ8xs/wrzJNnGeFTlJV K4HU6K8aH/OliazoInAnYXQ7MJsvjuoH/hiMsySOnINDMoYX24e/3VmKfRJB QYLxSH6CT4pk1DenbTgL5kMgpf4irvrcxbFpGXPoO7rAJUZXwY2EEPaG2R6A JeUBV9VtQy7NcGYuSQsM9/MiA+NCkRZn6IIjtvDPMAKWcmBwNSZPs4K4aizp ANp4RZa8ODiMccMY40arQep4DymemeUaz7BElfcWktCSEMXShhhcALpzTmql 7hJyn0nJScd12dficl6WVPErvEDrPjaVuBFqW2srVCmuKJE1ixmqkNV1CS8y LZXQB6fT3s2EJA9Ntcg5TWEyVtuNZ9pRNVjtIfUWuAiLx4adygNFtWqUcAUP KTDMVuHtCYAyU7FC3jeSzj0Lvz88otpZ/TGxgOm3omdwqs2pOe/DL4r0uwWd /5vNGhpa8JsE2tRzKcjg0vZuciq4sH+pmgy2RnL4mY5A5XpotOuNpTGlMx5C Wu8JzgqCcSyAByKcjgaIfNSLT6IgyREP0FQyrnOxgTWLDSx2+D5pb8UwFsbu Y+vmaevFByo162LXU9WH0mUfSSH6NNj9cP4pI4uIwLnBGbzMLuIscQtlWf2x MC11GsfQWM2Psf42NOIPGFZs8MMPEEWB7PovVAuOZVGmyHXgnlOFSDHZEWkw Re8YYxWbsxWEKfW09lStPVVN+h/Sf330WuFHGxzVH5/s7R98YI1+8KRfPCbb gmq0Vc+IdFpbnMeVmKAaeLBlNDzhIANuX4cXTpzwmxOOdOpsDs3cBZNozm/M hKGjn1CxhErTWWUZvTSLN+1FdPzM6DmBP2CPXeK36LILT12xZoUh80xMxq+w +KUBR2S1B033ltlaOIyZY2yXkfLHg4q4lxuZM9CXL62ONXV0Eviz+IiUzvr/ cc2kqP8UFbw/oP7T6XY3y/sfm50e3f/Y7C7vf32X9mD9575SyawmZLPbSKbw i+no4/mgduWNp/2on/YRj8FNzFUDqll/XVdNrsRqUc2w4RM9fK3m49Q3RR9Z Q3qeZf38bS7t52i+KJGz4zR731s72bozOl9AKcfnijgLvcbYL/RW6zdbxi/P l1/uz8zZuXrGycLWcn3HtjgOEY7jDUYyA6V10kxLXDUKysPoPx6IvaN9bdv0 2w3H046d3l8+v3ou+mXdiJNXCkAQTlziuQDyCKhafXpGu3ykgnTsn5tJjNni Cnr+lOZzqO9mSehgHubX7wWNCLQojWnAe+FSXtKUyh6AGwOueP4PmqOFjfFv nS/iYIp1fd37IKj1mdMA/b6InBv7FyJC3cCIwjuaGn5CThnSaO5WuAEFmGA9 F5jYPa6Z6FKHd3CVTLNBq34HlVlgV62GgK1GdoIkIf4V3r4oXFCQRd59Vrko IAwpS4hZ3l9CABcarmZLNvYZzIm1rgMkLGHFzKrmGl9qxNchRB9zMXM+PBEU DNKg9rxJgqCNHW4BoAsiRDH9Lm/uldQ0lchUMiJjmcL8vP1fexdvtw8Ov1oM AyLY595alDUXWps85o8209+sFf6fb+t+C+f/6Ov+v7dR3v9fX2+3yP931ntL //892v/q/c99r3T+wfcyX3vj8nW3Ove+opru3k11i2qB/buu0lUN6KwjnFJl /OB4Vhgvh6ZpRmPHJ2fzg3yVDnjQ+yHgxX13zGVhnYradaVEmKW35goe1VXZ bmqDw1CVHJRxa2jcKP+sNR5KKufTV8a9YXDH5LD2xaST9q8iW5rig2PjNeit RelANFZ6gxJ1fUJDH+0pBsb6m+xJO80oostDbvYc/hIOlC5HgtjS42pJUU+l ii2l8PqOTupOJKRClcMmPloR8y6m3PsxxIziAm8yZTfUqOmXNjUETfR9wCfY enAGnbiE12ddpNIcT5Fwl25NU8Qy3CzEg/wcP39+aB3t/eZWEBwwzJfgmZog DflC3aNEOJlIP3QzGd1y0AEIm8taUt865hoY34kpL8yGsZgg0ONblFyhUgkX xrikVdRPZhXwqYvJ8sb16DpDOQcE5DmmTBCEN1wX04N5TFohzQLsxoeS72KT WzdjGpQA9F3ahC4+WeYQhaYN6OGqWi9EwNSolg+3aMI8+PRB+C+I/T5ILQKX 7hD1n34gkS8WnbHG1i/hZgM6XkliUIY6zXwdqPzTBRKL9z/G32CPr/39V69d 5v/t7maH8//NZf7/XRqE1Vz+V1keBJyVmBuHwtxaELUIYYCMm8goauVgpcgp OLNYGNo9OBG1Zq262GKXqadSAFj26aqggMS0WlQk4NvXdHPR/MECcv3KS/ZO r9es/IjuyvoP64N2j1/jmRW10xTt3heWI/suHFd5YVgXG73eek+s/ijmljC+ U/Rsm66+kKG453X36fbWP516L9uyLduyLduyLduyLduyLduyLduyLduyLduy Ldu/cfs7RDifgwBQAAA= ---20771424-1675980187-914256563=:417-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9812212103280.417-101000>