Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 Dec 1998 21:09:24 +0500 (KGT)
From:      CyberPsychotic <mlists@gizmo.kyrnet.kg>
To:        Alejandro Galindo Chairez AGALINDO <agalindo@servidor.exsocom.com.mx>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: udp security
Message-ID:  <Pine.LNX.4.05.9812212103280.417-101000@gizmo.kyrnet.kg>
In-Reply-To: <Pine.BSF.3.96.981220122653.3122B-100000@servidor.exsocom.com.mx>

next in thread | previous in thread | raw e-mail | index | archive | help
  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

---20771424-1675980187-914256563=:417
Content-Type: TEXT/PLAIN; charset=US-ASCII

You may want to install this piece, and make it listen the ports which
hackers try to attack. It will save these packs for latter analysis, so
we could see what acrtually they are trying to do. My idea is that they
probably got into via named, but well. Lets' see.. (I did this piece for
kicking Win* Bo scanner dudes, the piece is not quiute secure probably,
maybe vulneriable to DoS attacks, if you'd use a command (so don't)). But
having those packets saved would help you to figure out what actually they
try to do.. maybe they have implememented some kind of backdoor working
over UDP. (well :) I did one myself, when played with a friend of mine, so
:))

--
fygrave@tigerteam.net		http://www.kalug.lug.net

---20771424-1675980187-914256563=:417
Content-Type: APPLICATION/x-gunzip; name="udplstn.1.0.tar.gz"
Content-ID: <Pine.LNX.4.05.9812212109230.417@gizmo.kyrnet.kg>
Content-Description: 
Content-Disposition: attachment; filename="udplstn.1.0.tar.gz"
Content-Transfer-Encoding: BASE64

H4sIABJudjYAA+1be1fbSJbPv9KnqDiTRKaNsY0NiRn3NuGRpjsBFsgmvQmH
I0slW4MseVUSj+nJd5/fvVWSZUPImT2b9MyOKwHLVbeqbt33vSpyfxqpLF57
9A2b6LY2N3vikRBic2P+07SWEBsb673uxsbmZleIdqe1sfFI9L4lUkXLVeam
QjwKbkepeyW/CPe18X/Rlhv+v3UvZRBG3+R87RbY2f0y/9c73YL/vU5nHfxf
7xH/W98CmcX2b87/nZ3ByPPsJzv7b7Zfnw7E6u7x0eFrfOzuvXqHz/duFInV
0cgf2osgPGQfvfrldGCkqJkIL5lM3NjHk7yRXjOx3+zqabZtG6j+nxyaVBfF
rLFt/cnZ2amL1aToEwUMBng+PZml6rbtRdKN+7aVTsRqIBbWs/9omv4rtUL/
T/a2d9/ufZs9vqL/0PyNQv+73U3W/1avtdT/79E+QmN96Yvhrdi5Hcr0WN16
4yQLPeHnaRiPhJJXMnUjcR3GmUxFHI7GmRJJINovX74Q57ZlWaEvXbUWhDdS
9S1Dp5+ycCTTTLqTZiwzggoid0IAli+v4jyKfooSz43Gicps+2zsxpdKZEnf
Xi2bvYt1HP8vVz8NpR8kqU8r1QWeRCZVBuSatn2cp9NEydk82zobh0pEYZZF
UkxD6UnClk6JM8BiwWol1+I2ybEduqNIepmYut6lzJQN80WHxohKJlJ4OIIb
xmKapJlIYpqVionrjcNYNsURLZunSopsLFMpXPxkSaxs7JdQF/qxmmqI63Ho
jQk48kUkM97dT2iaUKCKhhOOisMgCLOGyLypn0+mNg7suRnNdzPiQ70pXuWZ
OMBSsQLZgQzoR+fDUhPhKpG6vPE4H5nDE69sfXpG4pqRUHkQACxIE8wSz8lq
43jTNAHzJkwCP1TgqhSXcXId08q2l0o5paFAuhmEQ02eOyfNU0IsVsDs/Rjx
A3DL0hACBRJeAp6OpoSagOprKpxMI9kAae0kloYcaR6LMKMNfFcSEvAe1HGd
xM8z4YyTqUwDiMttXWBbMclxhqlmOggbJynxDIhPQjBaSQ+IZbdz8yAlr/Iw
8oF6RbyMnGjK0O44RoRJPvH5TRjnN8I5+Vn0mq26mEZuBrGbiCGIj72G7jC6
tdWYD0Db08ExTTO9gFaQt2wMfitFopAm+TCC1JyNpd51jF2z68Q2C6xmISRB
YY43hp7YTrteuGHbMrTRRIG6ZRmEEGRSMgo0F6Gc4JsbNQ0QjhKLKAG3QqI5
MLdZ/KfQ6kyQMN1qqSNZz/wkz5q206kb725bGjhybwXxfJoAko9jNKUhwuao
qTVKSbBsiH5wyCsggJydQv7CKy0Mpay7vp+CJGusU9esOGC3R0N0kKbo1/Wy
haJkiT2GJdAaGUBcEiAvlOfGMX2ilynXX0VgcJLHMfPZaq4VoQRtFOcTex88
cVlZCrL07dO9/xQYa85SETqMTHUHo6jCv0ohYL1GagYFYc2k/bF109Kte/5u
93h19cf2y06zvfGi2W522v32+gun01qvW4DrAujlq+6Lc2s/DcVhciU6m6L9
ot/p9tc32ZZWVuvdWa3dMau1H16t1+9sLK628X+wmh2UxCPCxeBW3z5Og5uS
YjOCEWkqlML4/zSJyDYJRrNKoSawaL7cfLmx8WKz2+1trHe7zRlJbXvl8Ohs
b0UvCF0dQZZgLGJS8yT2YVbCGEr/ixvnbnor2g3gutlqil/g02G/fFKDQEpI
UngpbTY+Exln7NVIalj81VR6IfwbCWJTkDxgp1xBaLGRRxYwDMhnVF0EG0it
dYVUKzgCD3oGGs36GM2GluYhdUIXYI1+hm6SzI9lNFVNlvOJNrS017UL/Zzh
JyPyLwnNL09Aq1i6rd7XisH7fbFt7/y8ffh677SPR/stzMqu9ES7KyCy651+
54X49fWZZru1cphkckVQjMR0YxMA9VMhprWbrYZxcez7PHjxEQjnDkMYE6s0
dEPJ2j1JCCahQ9w02MzH8to4E7gp2AU+1ympOcUKsFlmYQot/KawbetwbkZK
axNaPFc4ZJ7jJOPwQPow/JazUi9SEk5I8owQpxCCTZWbpuEVLcDMpS0sZ+oq
RV0Hx4WpktpYqWJnkhDahnet601gUkgx1rSU+GFKQCxbAXlDFpYCkQjRQ6Pw
1BmIZls8TsSF0LlGmCCFhMcTH4k5wg1ESbnUrOqRdnY7/dbLCqv2PuztVDHE
pFCNmaTvlDviKGgIDwFNIc8zlNClKsf6ZYImVqeF0RQfV6/O8SsqDkhfUpEm
CZ8RhKQDK+r1yvN9dNOROj8XNlt3rDtbz5om5H7cWMAmaXOB3iHRISGta9qz
rSxy34JMjbHZ2pNplwHwa3h6qKzjJ1KRqk9caLlluWSQPFZb41l9LbZFTqtd
LPx1QxsQmoONSG19CZkbaUHXOsvukoICiFbpKSFZq1fCsjAOXRgiFGmKE6ll
hJYK44AUNiCBx69LDlVnZLNoq6nLSAQwVHCTWQK2OG/fnZ6JvQ8Hp2f14pwF
ZoX1sazSmmAOcbdCeNC9Tb86otkkC8Gx1+PtN++3fzt9LEy8MuRwFRoGIwnY
nAyKjkog62ThMbEqqSRL2TiFYJGgqHKOEqQp2rkXWT801CKb3SeaTihmmEGT
K58gnMgpWresg+Pt3d0Ta5Wms1AUJy6E0KCLEMTTGM8UEtOhJx8+fGhWfojS
k4aJhQsVMt809Ygkx0cnZ5VNv7ZnRUIx2fGhzwhl64UQlktX4hfY1KM8m0Je
KmJLRBQqouQpui3UDrJ7LSkPIGOi47JkSgYKxJIkZN+hklHk/0UtxvsGe3wl
/9/knN/UfzcQDcEXtdbby/z/e7QnsIBRDif9Z5i2MGmOf7RnXTk8SObP96lb
tZbdTqW62w1KZvf0Jqx7d/qv3XChN/DiLJrvosh+vgcRDIxSthbG8/0uPNEa
jXxtAZwoCoeLfVTrmOurldXJmm3TyUJP5Ei6RzGHhhmFtYPWlm2vIUCVgZtH
mbhyoxxxycqaTSqeihWj/YM3R6/3D97sbRX9ZDRg9wfH2zu/XuwenJQDK8aS
kuEdHL578wYj5a4MYhwObV0OwGzBTBFSZK8YK3mDhDAWV0kIc+amSl54E0RI
bGfNVvWtOSgKjwjIOd0WKw0C1HD0CFCGoQiWcP8CzNx6QOr6AgFwEI4c6ijW
yCkYcfS8yS2597r9OyIgNoCBA/bING3UOGbpi6fqH4pGanbtgYDkU4xx9k9C
e6c5P3evq8KiVC+ikOBS3l4nqa/6vMynTHuwTxn5kjxbcFHGQxS5sBJJGiKw
ICdqppMnmptc8TVFxWjRuWCqaBiibSFYteRNmDltkPazbRP/J24YOxxhpSOv
5DS+XBGR9fdhHnx89W7/9OC/935on0PASEcugAMeWbChsIHfQJbXoP3pk3RV
YRyyPqcDnBVvscBDhXJPTyYSXFCall7RY8OLMvrE8vZMFh3GkDHjAYRrjpHt
+pzs8PCTMECSGQhdDhEM7XoeCO0UgeH7i6Nf6+LZM/F4YWCfBuqYJKzfxaKY
7SAUJffLwSSFBWZW/6n6FItaw3wFEpaVSsTWiI7b9OXz/VjozcAacWer927K
tYkyJqDAlTcHF1XWBHPprMRW/HqCrDoMeJNiD2M19Enr4nc+0uIuJlAkVdVl
vCK6hCaZvIXO6g4jSYKILLFh1qUzVo8IkZonOx2XwlkHmxvA1paATAQ6lfFD
eAXIWIgQakRno5rQKE1yaBhExBJeBO46LdrIPLcrzx1+VkA+9B1+zieuujTw
VM8qqXx08f7k6PDNb387utg52ds+w+f28fHe4S7o//Zod49n+PnUzDVPhCrF
01hFcf6po3kd4JqcHXgaylusF86zjJfAVB0wEiTXm6DgsU6MJR+vrHcYhtRW
B09VreEqj9fhanexYp3XDIIoV2PH5BTUA147Wv3EQGjH6WzvXxwc7p01To/I
V7w+2X7baNXrg8Fqm0QAsjIF35PUqWn4fo1ltWAQMVJ8xs/wrzJNnGeFTlJV
K4HU6K8aH/OliazoInAnYXQ7MJsvjuoH/hiMsySOnINDMoYX24e/3VmKfRJB
QYLxSH6CT4pk1DenbTgL5kMgpf4irvrcxbFpGXPoO7rAJUZXwY2EEPaG2R6A
JeUBV9VtQy7NcGYuSQsM9/MiA+NCkRZn6IIjtvDPMAKWcmBwNSZPs4K4aizp
ANp4RZa8ODiMccMY40arQep4DymemeUaz7BElfcWktCSEMXShhhcALpzTmql
7hJyn0nJScd12dficl6WVPErvEDrPjaVuBFqW2srVCmuKJE1ixmqkNV1CS8y
LZXQB6fT3s2EJA9Ntcg5TWEyVtuNZ9pRNVjtIfUWuAiLx4adygNFtWqUcAUP
KTDMVuHtCYAyU7FC3jeSzj0Lvz88otpZ/TGxgOm3omdwqs2pOe/DL4r0uwWd
/5vNGhpa8JsE2tRzKcjg0vZuciq4sH+pmgy2RnL4mY5A5XpotOuNpTGlMx5C
Wu8JzgqCcSyAByKcjgaIfNSLT6IgyREP0FQyrnOxgTWLDSx2+D5pb8UwFsbu
Y+vmaevFByo162LXU9WH0mUfSSH6NNj9cP4pI4uIwLnBGbzMLuIscQtlWf2x
MC11GsfQWM2Psf42NOIPGFZs8MMPEEWB7PovVAuOZVGmyHXgnlOFSDHZEWkw
Re8YYxWbsxWEKfW09lStPVVN+h/Sf330WuFHGxzVH5/s7R98YI1+8KRfPCbb
gmq0Vc+IdFpbnMeVmKAaeLBlNDzhIANuX4cXTpzwmxOOdOpsDs3cBZNozm/M
hKGjn1CxhErTWWUZvTSLN+1FdPzM6DmBP2CPXeK36LILT12xZoUh80xMxq+w
+KUBR2S1B033ltlaOIyZY2yXkfLHg4q4lxuZM9CXL62ONXV0Eviz+IiUzvr/
cc2kqP8UFbw/oP7T6XY3y/sfm50e3f/Y7C7vf32X9mD9575SyawmZLPbSKbw
i+no4/mgduWNp/2on/YRj8FNzFUDqll/XVdNrsRqUc2w4RM9fK3m49Q3RR9Z
Q3qeZf38bS7t52i+KJGz4zR731s72bozOl9AKcfnijgLvcbYL/RW6zdbxi/P
l1/uz8zZuXrGycLWcn3HtjgOEY7jDUYyA6V10kxLXDUKysPoPx6IvaN9bdv0
2w3H046d3l8+v3ou+mXdiJNXCkAQTlziuQDyCKhafXpGu3ykgnTsn5tJjNni
Cnr+lOZzqO9mSehgHubX7wWNCLQojWnAe+FSXtKUyh6AGwOueP4PmqOFjfFv
nS/iYIp1fd37IKj1mdMA/b6InBv7FyJC3cCIwjuaGn5CThnSaO5WuAEFmGA9
F5jYPa6Z6FKHd3CVTLNBq34HlVlgV62GgK1GdoIkIf4V3r4oXFCQRd59Vrko
IAwpS4hZ3l9CABcarmZLNvYZzIm1rgMkLGHFzKrmGl9qxNchRB9zMXM+PBEU
DNKg9rxJgqCNHW4BoAsiRDH9Lm/uldQ0lchUMiJjmcL8vP1fexdvtw8Ov1oM
AyLY595alDUXWps85o8209+sFf6fb+t+C+f/6Ov+v7dR3v9fX2+3yP931ntL
//892v/q/c99r3T+wfcyX3vj8nW3Ove+opru3k11i2qB/buu0lUN6KwjnFJl
/OB4Vhgvh6ZpRmPHJ2fzg3yVDnjQ+yHgxX13zGVhnYradaVEmKW35goe1VXZ
bmqDw1CVHJRxa2jcKP+sNR5KKufTV8a9YXDH5LD2xaST9q8iW5rig2PjNeit
RelANFZ6gxJ1fUJDH+0pBsb6m+xJO80oostDbvYc/hIOlC5HgtjS42pJUU+l
ii2l8PqOTupOJKRClcMmPloR8y6m3PsxxIziAm8yZTfUqOmXNjUETfR9wCfY
enAGnbiE12ddpNIcT5Fwl25NU8Qy3CzEg/wcP39+aB3t/eZWEBwwzJfgmZog
DflC3aNEOJlIP3QzGd1y0AEIm8taUt865hoY34kpL8yGsZgg0ONblFyhUgkX
xrikVdRPZhXwqYvJ8sb16DpDOQcE5DmmTBCEN1wX04N5TFohzQLsxoeS72KT
WzdjGpQA9F3ahC4+WeYQhaYN6OGqWi9EwNSolg+3aMI8+PRB+C+I/T5ILQKX
7hD1n34gkS8WnbHG1i/hZgM6XkliUIY6zXwdqPzTBRKL9z/G32CPr/39V69d
5v/t7maH8//NZf7/XRqE1Vz+V1keBJyVmBuHwtxaELUIYYCMm8goauVgpcgp
OLNYGNo9OBG1Zq262GKXqadSAFj26aqggMS0WlQk4NvXdHPR/MECcv3KS/ZO
r9es/IjuyvoP64N2j1/jmRW10xTt3heWI/suHFd5YVgXG73eek+s/ijmljC+
U/Rsm66+kKG453X36fbWP516L9uyLduyLduyLduyLduyLduyLduyLduyLduy
Ldu/cfs7RDifgwBQAAA=
---20771424-1675980187-914256563=:417--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9812212103280.417-101000>