RE: Outpost firewall Pro has Back Orifice trojan program

From: Shawn Jackson (
Date: 02/05/04

  • Next message: Tim Ballingall: "RE: File Catching Firewall?"
    Date: Wed, 4 Feb 2004 17:30:31 -0800
    To: "Jeff McLaughlin" <>, "Mr Babak Memari" <>, <>

    >From: Jeff McLaughlin []
    >....What I believe it tells me is NMAP got a response from port 31337
    >is typically (not always) used by Back Orifice.....

    On a windows based host any port greater then 1024 is open game for
    assignment, usually by RPC. According to RFC 739/768 any port above
    should be used for dynamic assignment, but with Microsoft that's just
    the case.

    >>31337,BackOrifice,Back Orifice trojan program <<<=====NOTE Please
    >>What is your Idea? I have downloaded it from .

    Service.lst is just a Port Number to Common Name mapper. Much
    like the /etc/services file in *NIX, as someone else already stated. You
    could follow Jeff's and other instructions to check to see if BO is
    on your system but I highly doubt the firewall installation placed it

    But then again.....

    Shawn Jackson
    Systems Administrator
    Horizon USA
    1190 Trademark Dr #107
    Reno NV 89521
    Phone: (775) 858-2338
           (800) 325-1199 x338

    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
    course! All of our class sizes are guaranteed to be 10 students or less.
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
    and many other technical hands on courses.
    Visit us at to get $720 off
    any course!

  • Next message: Tim Ballingall: "RE: File Catching Firewall?"