Re: Back Orifice 2K - RedHat 7.1/7.2

From: Neophyte (neophyte@news.snel.net)
Date: 06/27/02


From: "Neophyte" <neophyte@news.snel.net>
Date: Thu, 27 Jun 2002 23:24:51 +0200

Hi zeroK,

I appreciate your help. I found all of this out after a suggestion from
another posting and a little extra digging on my part. I've come to realize
that the entry...more than likely is being produced by PortSentry which is
giving me an indication of where certain programs run, but does not in fact
say that the program is running. I'm still sifting my way through the
information and finding more each day. I just want to know that I'm not
doing something really boneheaded when I could have either prevented it
myself or asked for help ;^).

Once again. I appreciate your input. I used it and it helped.

Take care,
Gabriel

"zeroK" <zeroK@videotron.ca> wrote in message
news:3D1A54F6.7080201@videotron.ca...
> Hi,
>
> bo2k for Linux is client only, so you are not backdoor'ed
> by bo2k.
>
> So, what is the listening prosess on the 56XXX port
>
> Try :
> netstat -aplt
> to see what is the process listening on port 65XXX
>
> bye :o)
>
>
>
>
> Neophyte wrote:
>
> > Hello All,
> >
> > I'm currently taking my first stabs at creating a firewall for my cable
> > connection. As I've looked into various distributions, I decided to try
> > giving RedHat a go as a workstation on one machine and as a
firewall/router
> > on another. After installing RedHat 7.1 w/o X on the workstation box,
> > purging and adding the programs I required, and then upgrading to RH
7.2, I
> > decided to play a little and run nmap on my own machine to see what it
> > showed...just for curiosity's sake.
> >
> > Now I'm sure you can summise that I'm a newbie, but I'm not totally
blind
> > either. It took nmap approx. 8 seconds to scan my system and returned
and
> > entry for "bo2k" running open on port 56XXX...soemthing or other. I
> > recognized the name from online so I googlized it on another machine and
as
> > I suspected, it was the back orifice 2k program. This may not be
surprising,
> > if you consider that I'm a newbie, but you have to appreciate the fact
that
> > this system was never put online and had no access to the internet at
all On
> > top of this, the installation was performed with two boxed sets from
RedHat.
> > So the question remains...."Where did my system pick up the "bo2k"
program?
> > If this is a legitimate (albeit dubious) addition to the package, I can
> > accept it, but what I can't accept is it not being indicated in any of
the
> > documentation or during the installation.
> >
> > I'm trying to be open-minded here, but I don't need my system to be.
Does
> > anyone have an answer to this or seen it themselves?
> >
> > Thanks,
> > Gabriel
> >
> >
> >
> >
> >
>



Relevant Pages

  • Re: Back Orifice 2K - RedHat 7.1/7.2
    ... It took nmap approx. ... >> if you consider that I'm a newbie, but you have to appreciate the fact ... >> this system was never put online and had no access to the internet at ... >> documentation or during the installation. ...
    (comp.os.linux.security)
  • Re: [SLE] < RANT > *5
    ... On Wednesday 18 February 2004 11:43, Trey Gruel wrote: ... > i'm glad that suse puts /opt to good use keeping major components like kde ... file installation path AND b: lack the simple capacity to deal with stuff ... Another third or so of the NEWBIE ...
    (SuSE)
  • Re: Installation
    ... Newbie Installation of Debian Squeeze 6.0.5 i386 Netinstall disc. ... Hard disk partitioning is a delicated task that cannot be easily un-done ... accurate assessment of the communication level of your audience. ...
    (Debian-User)
  • Re: Installation
    ... Newbie Installation of Debian Squeeze 6.0.5 i386 Netinstall disc. ... Hard disk partitioning is a delicated task that cannot be easily un-done ...
    (Debian-User)
  • Re: DirecTV billing problem
    ... but I did it online. ... She asked me to arrange for installation for her. ... His name, the date of the phone call, the name of the package I was ... mom is pleased as punch. ...
    (misc.legal)