Re: cracking tool named 'nc' ?

From: Mathias Gygax (mg_at_trash.net)
Date: 07/11/03

  • Next message: James Lee Gromoll: "Re: Continued probing with source IP 10.x.x.x" 
    Date: Fri, 11 Jul 2003 01:22:27 +0200
To: security-basics@securityfocus.com

    On Don, Jul 10, 2003 at 02:10:56 -0400, Matt Hunter wrote:
    > Hi,

    hi,

    > I recently had my linux worstation broken into. The cracker created
    > a directory and placed two executables in it. One was called 'zap' -
    > which I've since found out is used to clean up log files before the
    > cracker logs out. The other one was called 'nc'. I can't find any
    > information on this program. Does anyone out there know what it's used for?

    zap is used for cleaning utmp and wtmp login information. is rather old,
    but still used. if you need the source-code of this tool, contact me
    directly.

    nc is netcat, primarly a programm which does the same as cat, but based
    on tcp/ip sockets. you can redirect output of a programm to netcat and
    pipe it rawly to a remote listening socket. netcat is also capable of
    listening to incoming connections. this tool is called the "swiss army
    knife" of tcp/ip networking, because of its clean design and interaction
    with other un*x processes (piping and redirection is easy possible)

    HTH

     - regards, mathias

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------

  • Next message: James Lee Gromoll: "Re: Continued probing with source IP 10.x.x.x"

    Relevant Pages

    • Re: cracking tool named nc ?
      ... > which I've since found out is used to clean up log files before the ... > cracker logs out. ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
      (Security-Basics)
    • cracking tool named nc ?
      ... One was called 'zap' - ... which I've since found out is used to clean up log files before the ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
      (Security-Basics)
    • AW: Central Win2000 auditing logs
      ... Willing but unable due to internal company regulations. ... We have about a meg of log per server per day. ... holds the log files for all of the servers in a company. ... The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
      (Security-Basics)
    • Re: My "D" Drive has been removed
      ... use a CD Cleaner on it and clean it. ... I thought it was my Video card so I would just reset the computer and shut ... Ok my D drive on my computer has been removed, I dont know what ... I checked some log files ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: [opensuse] Cant boot 10.3 after 11.0 install -No ideas ? Please?
      ... On Tuesday 02 September 2008 18:25:36 Patrick Shanahan wrote: ... THEN remove some of the older log files and clean /var/tmp if you have ... Still getting the LOGD message that it can't log to /var because it is ...
      (SuSE)